[AusNOG] FW: The worst thing about the exploit -- Have you done your part?

Noel Butler noel.butler at ausics.net
Mon Jul 28 10:20:41 EST 2008

On Sun, 2008-07-27 at 00:14, Skeeve Stevens wrote:

> A good post re the current situation... what is the state of Australia's
> biggest DNS servers?

pathetically poor, the two largest networks fail the tests on the select
NS's of theirs that I tested, and are two weeks later, still vulnerable 

Their hostmasters must be 18yo kids doing 2 hours a week work when uni
permits :)

> ...Skeeve
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On Behalf
> Of Alan Clegg
> Sent: Saturday, 26 July 2008 11:28 PM
> Subject: The worst thing about the exploit -- Have you done your part?
> One issue about this exploit that I think a lot of people may be
> overlooking is the fact that it does not directly impact the OWNER of
> the DNS records in question, but the CONSUMERS of that data.
> As the owner of "my-cheap-rail-tickets-online.com", you can patch
> everything you own, insure that your firewalls are perfect, and hire
> five extra DNS admins, but it's not going to help you keep your clients
> healthy and happy.
> Your clients are the mom-n-pop users -- the folks at the end of the
> ISP's feeding chain.  The people that don't the difference between the
> US state code for Tennessee and the country code for Tunisia.  The folks
> using "Billy Bob's Bait-and-Tackle (and Internet Stuff)" as a provider.
> Your business depends on Billy Bob getting his recursive servers fixed
> so that your customers can still get to your website (or the websites of
> your co-located customers, etc.)
> Does that scare anyone?  It scares me.. a lot.
> How do we get out and inform Billy Bob that something that has been
> working just fine for years is suddenly not quite so perfect and that
> his customers might be affected.
> Additionally, Billy Bob's customers are going to be affected in ways
> that don't directly affect his operations, so it's hard to get him to
> understand why he needs to do anything.  His customers will still be
> sending him the check every month even if their login information for
> "my-cheap-rail-tickets" was siphoned off to someone in a foreign land.
> By being on this list, you have proven that you actually are interested
> in the DNS infrastructure.  If you look around, you won't see Billy Bob
> here, and yet, he affects YOUR customers, and by that, your profit
> margin (or reputation).
> What can we as the bind-users community do about Billy Bob?
> Have you contacted your local ISPs (or tested their servers since they
> well may be open recursors?)  Have you pounded the pavement and talked
> to folks at your local users groups and tech gatherings about the problem?
> I'm willing for anyone to use my slides (http://alan.clegg.com/800113)
> as the basis for spreading the word.  Make presentations.  Tell your
> friends.  Tell your colleagues.  TELL YOUR COMPETITION.
> I'm planning to have a video of me giving the presentation on-line soon
> so that the nuances of the presentation are more clear, but if you have
> any questions regarding it before then, please send me mail (off-list).
> The storm is coming.. have you done your part?
> AlanC
> _______________________________________________
> AusNOG mailing list
> AusNOG at ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20080728/e3463d50/attachment.html>

More information about the AusNOG mailing list