On Fri, 30 Mar 2007, Jeff Shultz wrote:
So, is there a list of domains that we could null-route if we could convince our DNS managers to set us up as the SOA for those domains on our local DNS servers - thus protecting our own customers somewhat?
I won't discount the assertion that there is some sort of emergency occurring. I would however, like to see a bit of a reference to where we can learn more about what is going on (I assume this is the javascript exploit I heard about a couple days ago).
I'm afraid disclosing these URLs at this time is not wise. The SANS ISC released strings from them which would help you mitigate. This email is about the problem with the current incident (which is being handled) as the latest example of a situation going bad. Thanks, Gadi.