nanog mailing list archives

Re: FBI tells the public to call their ISP for help


From: Chris Adams <cmadams () hiwaay net>
Date: Thu, 14 Jun 2007 13:45:50 -0500


Once upon a time, John Levine <johnl () iecc com> said:
> I realize it's not a technical problem, although I suspect there are
> some technical twiddles that could help, e.g., persuading Microsoft to
> put the update servers in their own ASN to make it easier to put them
> in a sandbox.  And I realize that Microsoft's combination of arrogance
> and naivete can make them painful to deal with.

$ dig download.windowsupdate.com
;download.windowsupdate.com.    IN      A
download.windowsupdate.com. 3411 IN     CNAME   main.dl.wu.akadns.net.
main.dl.wu.akadns.net.  111     IN      CNAME   dom.dl.wu.akadns.net.
dom.dl.wu.akadns.net.   111     IN      CNAME   dl.wu.ms.edgesuite.net.
dl.wu.ms.edgesuite.net. 8080    IN      CNAME   a26.ms.akamai.net.
a26.ms.akamai.net.      20      IN      A       216.180.86.39
a26.ms.akamai.net.      20      IN      A       216.180.86.37
$ 

If you have Akamai servers, the IPs will be on your network (and of
course shared with many other sites).  You'd have to limit access with a
limited DNS server (since few will use or even know IPs to visit) that
only gives out DNS for certain hosts/domains.

-- 
Chris Adams <cmadams () hiwaay net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
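
The limited-DNS approach described in the message above, sketched as an added example that is not part of the original post: it replays the dig answer quoted there through a hypothetical allowlisting resolver and reports where the CNAME chain gets cut off. The function names and the assumption that the resolver applies its allowlist to every name in the chain are mine.

```python
# Added example. DIG_ANSWER is the answer section quoted in the message above.
DIG_ANSWER = """\
download.windowsupdate.com. 3411 IN     CNAME   main.dl.wu.akadns.net.
main.dl.wu.akadns.net.  111     IN      CNAME   dom.dl.wu.akadns.net.
dom.dl.wu.akadns.net.   111     IN      CNAME   dl.wu.ms.edgesuite.net.
dl.wu.ms.edgesuite.net. 8080    IN      CNAME   a26.ms.akamai.net.
a26.ms.akamai.net.      20      IN      A       216.180.86.39
a26.ms.akamai.net.      20      IN      A       216.180.86.37
"""

def parse_answer(text):
    """Return (cname_map, a_map) built from dig answer-section lines."""
    cnames, addrs = {}, {}
    for line in text.splitlines():
        f = line.split()
        if len(f) != 5 or f[2] != "IN":
            continue  # skip question lines, comments, blanks
        name, rtype, rdata = f[0].lower(), f[3], f[4]
        if rtype == "CNAME":
            cnames[name] = rdata.lower()
        elif rtype == "A":
            addrs.setdefault(name, []).append(rdata)
    return cnames, addrs

def allowed(name, suffixes):
    """True if name equals, or is a subdomain of, an allowlisted entry."""
    n = name.rstrip(".")
    return any(n == s or n.endswith("." + s) for s in suffixes)

def resolve(qname, text, suffixes):
    """Walk the CNAME chain the way a filtering resolver would (assumed policy:
    every name in the chain must be allowlisted).
    Returns (addresses, blocked_name); blocked_name is None on success."""
    cnames, addrs = parse_answer(text)
    name, seen = qname.lower().rstrip(".") + ".", set()
    while True:
        if not allowed(name, suffixes) or name in seen:  # policy hit or CNAME loop
            return [], name
        seen.add(name)
        if name not in cnames:
            return addrs.get(name, []), None
        name = cnames[name]

# Allowlisting only the vendor's domain stops at the first CNAME target.
NAIVE = ["windowsupdate.com"]
# Exact chain names instead of all of akamai.net, which is shared with other sites.
CHAIN = NAIVE + ["dl.wu.akadns.net", "dl.wu.ms.edgesuite.net", "a26.ms.akamai.net"]

if __name__ == "__main__":
    print(resolve("download.windowsupdate.com", DIG_ANSWER, NAIVE))
    print(resolve("download.windowsupdate.com", DIG_ANSWER, CHAIN))
```

The edge hostname at the end of the chain (here `a26.ms.akamai.net`) is chosen by the CDN and has a 20-second TTL in the quoted answer, so an exact-name allowlist needs to track whatever the chain currently returns.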

