Joseph S D Yao wrote:
On Mon, Apr 02, 2007 at 10:56:00PM -0500, Gadi Evron wrote: ...
I just posted this, and I believe it makes sense:
Title: Put Security Alongside .XXX
Isn't security as important to discuss as .XSS?
The DNS has become an abuse infrastructure, it is no longer just a functional infrastructure. It is not being used by malware, phishing and other Bad Things [TM], it facilitates them.
Again - DNS is the infrastructure for EVERYTHING. It facilitates EVERYTHING. If you threw it out and put something else in that was not as clunky as editing hosts.txt files 'scp'ed from DARPA daily, then THAT would be what was facilitating everything.
Maybe it would make sense for someone to reiterate what types of abuse DNS is facilitating? I believe what Gadi was getting at was mainly the ability to use fake details to register a domain, and then very rapidly cycling the A records through a wide range of hosts, attempting to avoid detection. As opposed to there actually being fundamental flaws open to abuse in a system that maps names to IP addresses. Sam