ICANN SSAC Report on Fast Flux Hosting and DNS

["Paul Ferguson" <fergdawg () netzero net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

My old friend & colleague, Patrik Fältström, writes:

[snip]

SSAC has released a report [.pdf] on Fast Flux that might be interesting to
read for people that are trying to make it easier to find bad guys on the
net. Fast flux implies rapid modification of IP addresses associated with a
system that hosts a malicious activity, or hosts a domain name that is used
for such activities. All to try to make it harder to find and close the
services in question.

The report ends with the following:

"Fast flux hosting is a serious and mounting problem that affects name
services in all GTLDs. SSAC encourages ICANN, registries and registrars to
consider the practices mentioned in this Advisory, to establish best
practices to mitigate fast flux hosting, and to consider incorporating such
practices in future accreditation agreements."

[snip]

Link:
http://stupid.domain.name/node/549

ICANN SSAC Advisory 25:
http://www.icann.org/committees/security/sac025.pdf

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFHoN38q1pz9mNUZTMRArqAAKCySy+kh4t7vfd1FAUWZXGlNtps9wCg87se
EPhwTekAxpK61J/M9Cx3a/8=
=97Sz
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.