[LINK] US government running DNS botnet "as band aid"

Richard Chirgwin rchirgwin at ozemail.com.au
Wed May 23 16:54:35 AEST 2012


I happened to be in Paul Vixie's keynote at AusCERT last week, where he 
discussed this ...

He said he feared not an end user disruption, but that having hundreds 
of thousands of users go dark, and hit the phones simultaneously would 
overwhelm - possibly to the point of bankruptcy - smaller ISPs.

Regarding end users, he said many are very hostile to being told there's 
a problem. They don't trust the government AND they don't trust 
information coming from the ISP. So they reject it all.

Given his time over, Vixie thought it would have been a good idea to let 
users go dark in a more managed way - thousands at a time rather than 
hundreds of thousands. Here's what I wrote for The Register:
http://www.theregister.co.uk/2012/05/17/dns_changer_blackouts/

(It doesn't have my byline because I was in Queensland and didn't have 
access to the CMS!)

Cheers,
Richard C

On 23/05/12 4:18 PM, Fernando Cassia wrote:
> http://www.pcworld.com/article/254259/why_your_internet_might_disappear_this_summer.html
>
> Interesting... I wonder if it would have been easier to just shut down the
> botnet and users would immediately know something was wrong and, gee, fix
> their computers?
>
> What purpose does it serve to just "turn the botnet into legitimate DNS
> servers" and continue running it (basically providing the authorities with
> the browsing habits of hundreds of thousands of users...) if you're
> eventually going to shut those down, too?
>
> "The DCWG is an ad hoc group of subject matter experts, and includes
> members from organizations such as Georgia Tech, Internet Systems
> Consortium, Mandiant, National Cyber-Forensics and Training Alliance,
> Neustar, Spamhaus, Team Cymru, Trend Micro, and the University of Alabama
> at Birmingham."
>
> FC




