[AusNOG] Telstra manipulating DNS to block botnets

Barrie Hall barrie at mypond.net
Fri Jun 15 19:53:07 EST 2012


> > Managing and ensuring the quality and timeliness of the poisoning data is
> > the *big issue* with this technology but we are seeing very good results
> > now.
> >
> > Barrie
>
> It'd be interesting to know what your customers think of this
> "intervention". Do they welcome that their ISP has detected a problem
> and wants to help them or is it viewed as an unwelcome impost?
>
> It's a difficult situation that I don't envy. You're trying to solve a
> problem you didn't create, you're trying to do the right thing for
> your customers, your network and the general good, but the consumer
> probably sees it as an inconvenience and a possible cost.
>
> I imagine the "messaging" has a lot to do with the consumer
> response.
>
> If I mis-remember, Earthlink used to be pretty pro-active like this
> and did a pretty good messaging job in the email space: here's one
> example
> http://support.earthlink.net/articles/email/email-blocked-by-earthlink.php
>
>
>
Mark,

My views are my own on this email list so I can't get into what Telstra is
and isn't doing. I will say that I am happy to discuss the value of DNS
"purity" vs using DNS to solve some nasty problems we face every day.

DNS is a valuable "control plane" which allows ISP's to deliver a better
service with some tweaking. It is public knowledge that a number of ISP's
are using DNS to suppress access to "the worst of the worst" child
exploitation material on the Internet. I don't think that there is any
doubt that this has been a success.

Using DNS to surpress Botnets seems to me to be a "no brainer".

Barrie
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20120615/1a3f8846/attachment.html>


More information about the AusNOG mailing list