On Sat, Mar 31, 2007, Gadi Evron wrote:
On Sun, 1 Apr 2007, Adrian Chadd wrote:
Stop trying to fix things in the core - it won't work, honest - and start trying to fix things closer to the edge where the actual problem is.
Thing is, the problem IS in the core. DNS is no longer just being abused, it is pretty much an abuse infrastructure. That needs to be fixed if security operations on the Internet at their current effectiveness (which is low as it is) are to be maintained past Q4 2007-Q2 2008.
And as I said tongue in cheek before - so is IP. Where do you draw the line?
I view this kind of thing as an operational issue insomuch as it might affect my network - but malware writers are botnet operators are smarter than they once were and aren't nearly as "spray your mark everywhere as quickly as possible" as exploits used to be.
As to malware: Protect against malware on your network, this isn't what this is about. It's about your network's security being reliant on someone half way across the world taking care of it.
For the few I'm currently responsible for; you can be absolutely certain my network security is reliant on me, not someone else. I'm trying to push out the "You've got to be responsible for what you send just as much as what you receive" out to clients who only seem to take notice after their first spam blacklisting, or sneaky malware infection. Have you tried pursuing the root cause of all of this horribleness - badly written software? Adrian