Re: On-going Internet Emergency and Domain Names

[Jeff Shultz]

So, is there a list of domains that we could null-route if we could 
convince our DNS managers to set us up as the SOA for those domains on 
our local DNS servers - thus protecting our own customers somewhat?

I won't discount the assertion that there is some sort of emergency 
occurring. I would however, like to see a bit of a reference to where we 
can learn more about what is going on (I assume this is the javascript 
exploit I heard about a couple days ago).

Thanks.

Fergie wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - -- Gadi Evron <ge@xxxxxxxxxxxx> wrote:
>
> > There is a current on-going Internet emergency: a critical 0day
> > vulnerability currently exploited in the wild threatens numerous desktop
> > systems which are being compromised and turned into bots, and the domain
> > names hosting it are a significant part of the reason why this attack has
> > not yet been mitigated.
> >
> > This incident is currenly being handled by several operational groups.
>
>
> ...and before people starting bashing Gadi for being off-topic, etc.,
> I'll side with him on the fact that this particular issue appears to
> be quite serious.
>
> Please check the facts regarding this issue before firing up your
> flame-throwers -- this weekend could prove to be a quite horrible
> one.
>
> - - ferg
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.6.0 (Build 214)
>
> wj8DBQFGDcayq1pz9mNUZTMRAj48AKCVdw3bZ63ryIAI6f/NSbABZR10VACg3iZf
> thCHKv5hpQ6Dqrq+iY4j1J8=
> =MoWp
> -----END PGP SIGNATURE-----
>
> --
> "Fergie", a.k.a. Paul Ferguson
>  Engineering Architecture for the Internet
>  fergdawg(at)netzero.net
>  ferg's tech blog: http://fergdawg.blogspot.com/

--
Jeff Shultz