nanog mailing list archives
Re: Interesting new dns failures
From: "Suresh Ramasubramanian" <ops.lists () gmail com>
Date: Tue, 22 May 2007 16:35:01 +0530
On 5/21/07, Chris L. Morrow <christopher.morrow () verizonbusiness com> wrote:
So, I think that what we (security folks) want is probably not to auto-squish domains in the TLD because of NS's moving about at some rate other than 'normal' but to be able to ask for a quick takedown of said domain, yes? I don't think we'll be able to reduce false positive rates low enough to be acceptable with an 'auto-squish' method :(
Well, you can autosquish IF there's enough correlation to malware traffic and botnet hosting, like the NS set the OP posted for example. -- Suresh Ramasubramanian (ops.lists () gmail com)
Current thread:
- Re: Interesting new dns failures, (continued)
- Re: Interesting new dns failures Chris L. Morrow (May 24)
- Re: Interesting new dns failures Steve Atkins (May 24)
- Re: Interesting new dns failures Per Heldal (May 24)
- Re: Interesting new dns failures Suresh Ramasubramanian (May 24)
- Re: Interesting new dns failures John LaCour (May 24)
- Re: Interesting new dns failures Suresh Ramasubramanian (May 24)
- Re: Interesting new dns failures Hank Nussbacher (May 23)
- Re: Interesting new dns failures Roger Marquis (May 22)
- Re: Interesting new dns failures David Ulevitch (May 22)
- Re: Interesting new dns failures Chris L. Morrow (May 22)
- Re: Interesting new dns failures Suresh Ramasubramanian (May 22)
- Re: Interesting new dns failures Mark Andrews (May 21)
- Re: Interesting new dns failures Gadi Evron (May 21)
- Re: Interesting new dns failures Roger Marquis (May 21)
- Re: Interesting new dns failures Valdis . Kletnieks (May 21)
- Use of portions of 44.0.0.0/8? Neal R (May 21)
- Re: Use of portions of 44.0.0.0/8? Andy Brezinsky (May 21)
- OK - functioning administration of 44.0.0.0/8 Neal R (May 21)