[dns-operations] Introducing DNSCrypt

Dobbins, Roland rdobbins at arbor.net
Wed Dec 7 05:44:06 UTC 2011


On Dec 7, 2011, at 11:48 AM, Jothan Frakes wrote:

> Isn't that bot/c&c visibility just opaque on the local or other transport nets? seems like Opendns or the server providing encrypted responses would see it.

The point is for access network operators to be able to see it.  

> In fact, this might provide a cental resolver a mode complete picture of bot/c&c activity levels, absent interventions.

I don't see how encryption helps with that at all - quite the opposite.

> It could even be said that this might improve detection of activity that might otherwise be below an observeable threshold due to current interventions.

The point of visibility is to *enable* intervention.

;>

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

		The basis of optimism is sheer terror.

			  -- Oscar Wilde




More information about the dns-operations mailing list