nanog mailing list archives
Re: DNS Hijacking by Cox
From: Sean Donelan <sean () donelan com>
Date: Mon, 23 Jul 2007 10:47:30 -0400 (EDT)
On Tue, 24 Jul 2007, Perry Lorier wrote:
doing it[1]. If you're interested in finding people that Undernet detects as being open proxies or such like, put an IDS rule looking for ":[^ ]* 465 [^ ]* :AUTO ".
Of course, then someone would flame the ISP for running a sniffer/wiretap on their network.
ISPs are pretty much damned no matter what they do or don't do.
Current thread:
- Re: DNS Hijacking by Cox, (continued)
- Re: DNS Hijacking by Cox Andrew Matthews (Jul 23)
- Re: DNS Hijacking by Cox Joe Greco (Jul 22)
- Re: DNS Hijacking by Cox Steven M. Bellovin (Jul 22)
- Re: DNS Hijacking by Cox Patrick W. Gilmore (Jul 22)
- Re: DNS Hijacking by Cox Steven M. Bellovin (Jul 22)
- Re: DNS Hijacking by Cox John C. A. Bambenek (Jul 22)
- RE: DNS Hijacking by Cox Marcus H. Sachs (Jul 22)
- Re: DNS Hijacking by Cox Steven M. Bellovin (Jul 22)
- Re: DNS Hijacking by Cox James Hess (Jul 22)
- Re: DNS Hijacking by Cox Perry Lorier (Jul 23)
- Re: DNS Hijacking by Cox Sean Donelan (Jul 23)
- Re: DNS Hijacking by Cox James Hess (Jul 23)
- Re: DNS Hijacking by Cox Perry Lorier (Jul 23)
- Re: DNS Hijacking by Cox Mattias Ahnberg (Jul 24)
- Re: DNS Hijacking by Cox Peter Dambier (Jul 24)
- Re: DNS Hijacking by Cox Mattias Ahnberg (Jul 25)
- Re: DNS Hijacking by Cox Peter Dambier (Jul 25)
- Re: DNS Hijacking by Cox Patrick W. Gilmore (Jul 22)
- Re: DNS Hijacking by Cox Chris L. Morrow (Jul 24)
- Re: DNS Hijacking by Cox Brandon Galbraith (Jul 24)
- Re: DNS Hijacking by Cox Chris Adams (Jul 23)
- Re: DNS Hijacking by Cox David Conrad (Jul 23)