nanog mailing list archives
Re: On-going Internet Emergency and Domain Names
From: Gadi Evron <ge () linuxbox org>
Date: Sat, 31 Mar 2007 05:32:43 -0500 (CDT)
On 31 Mar 2007, Paul Vixie wrote:
whoa. this is like deja vu all over again. when barb@CERT asked me to patch BIND gethostbyaddr() back in 1994 or so to disallow non-ascii host names in order to protect sendmail from a /var/spool/mqueue/qf* formatting vulnerability, i was fresh off the boat and did as i was asked. a dozen years later i find that that bug in sendmail is long gone, but the pain from BIND's "check-names" logic is still with us. i did the wrong thing and i should have said "just fix sendmail, i don't care how much easier it would be to patch libc, that's just wrong." are we really going to stop malware by blackholing its domain names? if so then i've got some phone calls to make.
are we really going to stop malware by blackholing its domain names? if so then i've got some phone calls to make.
I don't know about bind, obviously your knowledge over-shadows mine. Changing bind for sendmail was likely silly but it showed some agaility we seem to not have today. If it could have been a temporary dynamic solution (rather than a package change), it's an interesting concept. Back to reality and 2007: In this case, we speak of a problem with DNS, not sendmail, and not bind. As to blacklisting, it's not my favorite solution but rather a limited alternative I also saw you mention on occasion. What alternatives do you offer which we can use today? Gadi.
-- Paul Vixie
Current thread:
- Re: On-going Internet Emergency and Domain Names, (continued)
- Re: On-going Internet Emergency and Domain Names Matt Ghali (Mar 31)
- Re: On-going Internet Emergency and Domain Names Fergie (Mar 30)
- Re: On-going Internet Emergency and Domain Names Fergie (Mar 30)
- Re: On-going Internet Emergency and Domain Names Mark Green (Mar 30)
- Re: On-going Internet Emergency and Domain Names Paul Vixie (Mar 30)
- Re: On-going Internet Emergency and Domain Names Suresh Ramasubramanian (Mar 31)
- Re: On-going Internet Emergency and Domain Names Adrian Chadd (Mar 31)
- Re: On-going Internet Emergency and Domain Names Suresh Ramasubramanian (Mar 31)
- Re: On-going Internet Emergency and Domain Names Adrian Chadd (Mar 31)
- Re: On-going Internet Emergency and Domain Names Suresh Ramasubramanian (Mar 31)
- Re: On-going Internet Emergency and Domain Names Mark Green (Mar 30)
- Re: On-going Internet Emergency and Domain Names Gadi Evron (Mar 31)
- Re: On-going Internet Emergency and Domain Names Mikael Abrahamsson (Mar 31)
- Re: On-going Internet Emergency and Domain Names Gadi Evron (Mar 31)
- Re: On-going Internet Emergency and Domain Names Peter Dambier (Mar 31)
- Re: On-going Internet Emergency and Domain Names Kradorex Xeron (Mar 31)
- Re: On-going Internet Emergency and Domain Names Stephen Satchell (Mar 31)
- Re: On-going Internet Emergency and Domain Names Douglas Otis (Mar 31)
- RE: On-going Internet Emergency and Domain Names Frank Bulk (Mar 31)
- RE: On-going Internet Emergency and Domain Names Douglas Otis (Mar 31)
- RE: On-going Internet Emergency and Domain Names Frank Bulk (Mar 31)
- RE: On-going Internet Emergency and Domain Names Douglas Otis (Mar 31)