[dns-operations] DNS servers "probed" by people who want to kill the Internet?

Jim Reid jim at rfc1035.com
Thu Sep 15 15:03:13 UTC 2016


> On 15 Sep 2016, at 15:37, Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:
> I did read it and it says exactly what I said "mentions explicitely
> the .com/.net name servers" Let me quote Schneier:
> 
>> Verisign is the registrar [sic] for many popular top-level Internet
>> domains, like .com and .net. If it goes down, there's a global
>> blackout of all websites and e-mail addresses in the most common
>> top-level domains.

Context is everything. Here’s what Bruce actually said:

> I am unable to give details, because these companies spoke with me under condition of anonymity. But this all is consistent with what Verisign is reporting. Verisign is the registrar for many popular top-level Internet domains, like .com and .net. If it goes down, there's a global blackout of all websites and e-mail addresses in the most common top-level domains. Every quarter, Verisign publishes a DDoS trends report. While its publication doesn't have the level of detail I heard from the companies I spoke with, the trends are the same: "in Q2 2016, attacks continued to become more frequent, persistent, and complex.”

So in fact Schneier wasn’t talking about systemic attacks on Verisign’s infrastructure at all. Now he may or may not have had those sorts of confidential discussions with Verisign -- I’d be surprised if he hadn’t -- but Bruce made it very clear that these attacks were not focused “explicitly on the .com/.net name servers” as you claimed.





More information about the dns-operations mailing list