31 Mar
2007
31 Mar
'07
5:11 p.m.
since malware isn't breaking dns, and since dns not a vector per se, the idea of changing dns in any way to try to control malware strikes me as a way to get dns to be broken in more places more often.
Well, once more people learn about DLV (especially the NS override extension that has been requested by zone operators), more and more questions will pop up why we can't do this for NS records they don't like for some reason. The genie is out of the bottle, I'm afraid.
i'm going to fwd this to dns-operations@lists.oarci.net and answer it there, since this is now far afield of "can i type that into an IOS prompt?".