nanog mailing list archives
Re: [EXTERNAL] Re: Charter DNS servers returning malware filtered IP addresses
From: Eric Kuhnke <eric.kuhnke () gmail com>
Date: Fri, 27 Oct 2023 16:08:37 -0700
When you have a sufficiently large mass of non-technical end users, inevitably some percentage of them will end up doing something like enabling WAN-interface-facing remote admin access,which then gets pwned and turned into a botnet. It's a real problem at scale. Compromised CPE routers in addition to people visiting virus/trojan laden webservers and infecting their endpoint devices. good example: https://www.fortinet.com/blog/threat-research/condi-ddos-botnet-spreads-via-tp-links-cve-2023-1389 On Fri, Oct 27, 2023 at 3:37 PM John Levine <johnl () iecc com> wrote:
It appears that Bryan Fields <Bryan () bryanfields net> said:-=-=-=-=-=- -=-=-=-=-=- On 10/27/23 7:49 AM, John Levine wrote:But for obvious good reasons, the vast majority of their customers don'tI'd argue that as a service provider deliberately messing with DNS is an obvious bad thing. They're there to deliver packets.For a network feeding a data center, sure. For a network like Charter's which is feeding unsophisticated nontechnical users, they need all the messing they can get. If you're one of the small minority of retail users that knows enough about the technology to pick your own resolver, go ahead. But it's a reasonable default to keep malware out of Grandma's iPad. R's, John
Current thread:
- Re: [EXTERNAL] Charter DNS servers returning malware filtered IP addresses, (continued)
- Re: [EXTERNAL] Charter DNS servers returning malware filtered IP addresses Delong.com via NANOG (Oct 28)
- Re: [EXTERNAL] Charter DNS servers returning malware filtered IP addresses John R. Levine (Oct 29)
- Re: [EXTERNAL] Charter DNS servers returning malware filtered IP addresses Livingood, Jason via NANOG (Oct 30)
- Re: [EXTERNAL] Charter DNS servers returning malware filtered IP addresses John R. Levine (Oct 30)
- Re: [EXTERNAL] Charter DNS servers returning malware filtered IP addresses Livingood, Jason via NANOG (Oct 30)
- Re: [EXTERNAL] Charter DNS servers returning malware filtered IP addresses Compton, Rich A (Oct 30)
- Re: [EXTERNAL] Charter DNS servers returning malware filtered IP addresses Owen DeLong via NANOG (Oct 30)
- Re: [EXTERNAL] Charter DNS servers returning malware filtered IP addresses Tim Burke (Oct 30)
- Re: [EXTERNAL] Re: Charter DNS servers returning malware filtered IP addresses Michael Thomas (Oct 27)
- Re: [EXTERNAL] DNS filtering in practice, Re: Charter DNS servers returning malware filtered IP addresses John Levine (Oct 29)
- Re: [EXTERNAL] Re: Charter DNS servers returning malware filtered IP addresses Eric Kuhnke (Oct 27)
- Re: [EXTERNAL] Re: Charter DNS servers returning malware filtered IP addresses Glenn McGurrin via NANOG (Oct 28)
- Re: [EXTERNAL] Re: Charter DNS servers returning malware filtered IP addresses Glenn Kelley (Oct 29)
- RE: Charter DNS servers returning invalid IP addresses Greg Dickinson (Oct 25)
- Re: Charter DNS servers returning invalid IP addresses Bryan Fields (Oct 25)
- Re: Charter DNS servers returning invalid IP addresses J. Hellenthal via NANOG (Oct 26)
- Re: Charter DNS servers returning invalid IP addresses John Levine (Oct 27)