On Sun, 1 Apr 2007, Adrian Chadd wrote:
Stop trying to fix things in the core - it won't work, honest - and start trying to fix things closer to the edge where the actual problem is.
Thing is, the problem IS in the core. DNS is no longer just being abused, it is pretty much an abuse infrastructure. That needs to be fixed if security operations on the Internet at their current effectiveness (which is low as it is) are to be maintained past Q4 2007-Q2 2008.
I view this kind of thing as an operational issue insomuch as it might affect my network - but malware writers are botnet operators are smarter than they once were and aren't nearly as "spray your mark everywhere as quickly as possible" as exploits used to be.
As to malware: Protect against malware on your network, this isn't what this is about. It's about your network's security being reliant on someone half way across the world taking care of it. Gadi.
Adrian