nanog mailing list archives

Re: DNS Hijacking by Cox

From: Sean Donelan <sean () donelan com>
Date: Mon, 23 Jul 2007 10:47:30 -0400 (EDT)


On Tue, 24 Jul 2007, Perry Lorier wrote:

doing it[1]. If you're interested in finding people that Undernet detects asbeing open proxies or such like, put an IDS rule looking for ":[^ ]* 465 [^]* :AUTO ".

Of course, then someone would flame the ISP for running a sniffer/wiretapon their network.


ISPs are pretty much damned no matter what they do or don't do.

Current thread:

Re: DNS Hijacking by Cox, (continued)
- - - Re: DNS Hijacking by Cox Andrew Matthews (Jul 23)
  - Re: DNS Hijacking by Cox Joe Greco (Jul 22)
- Re: DNS Hijacking by Cox Steven M. Bellovin (Jul 22)
  - Re: DNS Hijacking by Cox Patrick W. Gilmore (Jul 22)
    - Re: DNS Hijacking by Cox Steven M. Bellovin (Jul 22)
    - Re: DNS Hijacking by Cox John C. A. Bambenek (Jul 22)
    - RE: DNS Hijacking by Cox Marcus H. Sachs (Jul 22)
    - Re: DNS Hijacking by Cox Steven M. Bellovin (Jul 22)
    - Re: DNS Hijacking by Cox James Hess (Jul 22)
    - Re: DNS Hijacking by Cox Perry Lorier (Jul 23)
    - Re: DNS Hijacking by Cox Sean Donelan (Jul 23)
    - Re: DNS Hijacking by Cox James Hess (Jul 23)
    - Re: DNS Hijacking by Cox Perry Lorier (Jul 23)
    - Re: DNS Hijacking by Cox Mattias Ahnberg (Jul 24)
    - Re: DNS Hijacking by Cox Peter Dambier (Jul 24)
    - Re: DNS Hijacking by Cox Mattias Ahnberg (Jul 25)
    - Re: DNS Hijacking by Cox Peter Dambier (Jul 25)
    - Re: DNS Hijacking by Cox Chris L. Morrow (Jul 24)
    - Re: DNS Hijacking by Cox Brandon Galbraith (Jul 24)
    - Re: DNS Hijacking by Cox Chris Adams (Jul 23)
    - Re: DNS Hijacking by Cox David Conrad (Jul 23)

(Thread continues...)