nanog mailing list archives
Re: Vixie warns: DNS Changer ‘blackouts’ inevitable
From: "cncr04s/Randy" <cncr04s () gmail com>
Date: Thu, 31 May 2012 08:14:40 -0500
On Mon, May 28, 2012 at 2:56 PM, Florian Weimer <fw () deneb enyo de> wrote:
[Dnschanger substitute server operations]One thing is clear, Paul is able to tell a great story.PR for ISC is somewhat limited, it's often attributed to the FBI: | The effort, scheduled to begin this afternoon, is designed to let | those people know that their Internet connections will stop working | on July 9, when temporary servers set up by the FBI to help | DNSChanger victims are due to be disconnected. <http://news.cnet.com/8301-1009_3-57439407-83/google-will-alert-users-to-dnschanger-malware-infection/> | The FBI has now seized control of the malicious DNS servers, but | countless computers are still infected with the malware. <http://www.h-online.com/security/news/item/Google-warns-DNSChanger-victims-1583037.html> | The malware is so vicious — it can interfere with users' Web | browsing, steer them to fraudulent websites and make their computers | vulnerable to other malicious software — that the FBI has put a | safety net of sorts in place, using government computers to prevent | any Internet disruptions for users whose computers may be infected. <http://www.technolog.msnbc.msn.com/technology/technolog/infected-users-get-legit-warning-about-july-9-internet-doomsday-751078> (I'm justing quoting what I found. Some of the linked articles contain bogus information.) In any case, this isn't what bugs me about the whole process. I don't like the way this is implemented—mainly the use of RPZ, but there are other concerns. The notification process has some issues as well, but it's certainly a great learning exercise for all folks involved with this. To me, it doesn't really matter that Dnschanger is fairly minor as far as such things go. Hopefully, the knowledge and the contacts established can be applied to other cases as well.
Exactly how much can it cost to serve up those requests... I mean for 9$ a month I have a cpu that handles 2000 *Recursive* Queries a second. 900 bux could net me *200,000* a second if not more. The government overspends on a lot of things.. they need some one whos got the experience to use a bunch of cheap servers for the resolvers and a box that hosts the IPs used and then distributes the query packets.
Current thread:
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable, (continued)
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable bmanning (May 22)
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable Randy Bush (May 22)
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable Michael J Wise (May 22)
- Re: Re: Vixie warns: DNS Changer ‘blackouts’ inevitable nanog (May 23)
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable Michael J Wise (May 23)
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable Eric Brunner-Williams (May 23)
- Message not available
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable Christopher Morrow (May 23)
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable bmanning (May 23)
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable Nick Hilliard (May 24)
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable Florian Weimer (May 28)
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable cncr04s/Randy (May 31)
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable Christopher Morrow (May 31)
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable Miles Fidelman (May 31)
- Re: Re: Vixie warns: DNS Changer ‘blackouts’ inevitable valdis . kletnieks (May 31)
- Re: Re: Vixie warns: DNS Changer ‘blackouts’ inevitable cncr04s/Randy (May 31)
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable Nick Hilliard (May 31)
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable Richard Golodner (May 31)
- RE: Re: Vixie warns: DNS Changer 'blackouts' inevitable John Lightfoot (May 31)
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable david raistrick (May 31)
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable Leo Bicknell (May 31)
- Re: Vixie warns: DNS Changer ‘blackouts’ inevitable Owen DeLong (May 23)