22 May
2007
22 May
'07
7:05 a.m.
On 5/21/07, Chris L. Morrow <christopher.morrow@verizonbusiness.com> wrote:
So, I think that what we (security folks) want is probably not to auto-squish domains in the TLD because of NS's moving about at some rate other than 'normal' but to be able to ask for a quick takedown of said domain, yes? I don't think we'll be able to reduce false positive rates low enough to be acceptable with an 'auto-squish' method :(
Well, you can autosquish IF there's enough correlation to malware traffic and botnet hosting, like the NS set the OP posted for example. -- Suresh Ramasubramanian (ops.lists@gmail.com)