nanog mailing list archives
Re: hat tip to .gov hostmasters
From: Michael Thomas <mike () mtcc com>
Date: Mon, 22 Sep 2008 08:42:58 -0700
Jason Frisvold wrote:
On Mon, Sep 22, 2008 at 11:02 AM, Chris Owen <owenc () hubris net> wrote:Chicken, meet egg. I think the point of the original post is that one end or the other has to start things. At least we have one US zone doing something on the server end of things.Oh, agreed, absolutely. And it's great to see. However, neither the slashdot blurb, nor the NetworkWorld article mention that without a valid resolver, there is no guarantee of security. Sure, they mention that vendors are rolling it out and that ISPs should be following suit, but no mention is made of the end-user's resolver at all...
I dunno, a few very strategically placed validating resolvers could subject a huge amount of DNS traffic to a much higher bar were the senders so inclined to sign their zones. But I tend to view these kinds of things much more from an "epidemiology" point of view: you don't have to have 100%eradication to control an epidemic. Same thing pretty much goes with internet
based attacks, IMO: when the barrier is set sufficiently high in one area,attackers don't spend their entire time trying to break that barrier, they find the
next lowest barrier and move on. Mike
Current thread:
- RE: hat tip to .gov hostmasters, (continued)
- RE: hat tip to .gov hostmasters Keith Medcalf (Sep 22)
- Re: hat tip to .gov hostmasters bmanning (Sep 22)
- Re: hat tip to .gov hostmasters bmanning (Sep 22)
- Re: hat tip to .gov hostmasters bmanning (Sep 22)
- Re: hat tip to .gov hostmasters David Conrad (Sep 22)
- Re: hat tip to .gov hostmasters David Conrad (Sep 22)
- Re: hat tip to .gov hostmasters Simon Vallet (Sep 22)
- Re: hat tip to .gov hostmasters Chris Owen (Sep 22)
- Re: hat tip to .gov hostmasters Simon Vallet (Sep 22)
- Re: hat tip to .gov hostmasters Jason Frisvold (Sep 22)
- Re: hat tip to .gov hostmasters Michael Thomas (Sep 22)
- Re: hat tip to .gov hostmasters Scott Francis (Sep 22)
- RE: hat tip to .gov hostmasters Frank Bulk (Sep 23)
- Re: hat tip to .gov hostmasters Florian Weimer (Sep 22)
- Re: hat tip to .gov hostmasters Kevin Oberman (Sep 22)
- Re: hat tip to .gov hostmasters Stephen Sprunk (Sep 22)
- RE: hat tip to .gov hostmasters Lindley James R (Sep 22)