Home page logo
/

nanog logo nanog mailing list archives

Re: GoDaddy.com shuts down entire data center?
From: Simon Waters <simonw () zynet net>
Date: Mon, 16 Jan 2006 10:43:01 +0000


Doesn't this fall under bad things happen.

Hopefully it is very clear to all on NANOG that DNS changes can have 
unforeseeable consequences, because of the nature of the delegation in the 
DNS.

As such pulling DNS records (or zones) you don't fully understand the usage 
of, as a response to a security/spam problem, is generally a bad idea.

That said ultimately a decision has to be taken, relative benefits versus 
risks. 

I'm very grateful someone arranged that all records used by the "MINIT" trojan 
now point to an RFC1918 private address space*, having found infected boxes 
failing to download their payload as a result. However pulling DNS records 
probably doesn't belong in the hurly burly of front line support.

 Simon

*Anyone going to check how many DNS servers are still caching "asfasf.ath.cx", 
to tell how many boxes "nearly" downloaded the payload? In the style of the 
Sony DRM fiasco measurement.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault