[AusNOG] Telstra manipulating DNS to block botnets

Mark Andrews marka at isc.org
Wed Jun 20 11:40:50 EST 2012 

In message <CACRMD1FpMAfNA25KaEEYd80epDZ56k+JwMTh_h-H05PvsB56-w at mail.gmail.com>, Narelle writes:
> On Sat, Jun 16, 2012 at 12:25 PM, Roland Chan <roland at chan.id.au> wrote:
> > The problem with that approach is the potential for a customer to be
> > permanently stuck in quarantine because they lack the knowledge to clean
> > their computer.
> >
> > I don't think that is an acceptable outcome, at least not while they're
> > paying for service.
> 
> And in this era you have people now completely reliant on the internet
> for access to banking, centrelink and their emergency telephone
> services.
> 
> This isn't an acceptable outcome for users at all.
> 
> We have to have an overall quality improvement approach to user side,
> services side and hardware.
> 
> The only case I can see it being remotely acceptable is where the user
> was was propagating a mightily virulent strain of the online ebola
> equivalent. Rabid stuxnet anyone?
> 
> The fact is, however, that even the malware writers now see the latter
> as being counterproductive.

Telephone service can be and is seperated today from the rest of
the ip traffic.  Often it a completely different IP address with
different QoS tagging.  The only thing in common is the physical
equipment.  You plug the phone jack on the modem into the internal
house telephone wiring / wireless phone hub.  That jack is often
designed to continue working for a while on power outage.  The lan
jack isn't as the modem goes into power saving mode.

When I suggested this earlier in the thread users got the ablility
to clear the quarantine with grace periods to enable them to fix
the problems themselves.

As for access to banking the machine that is compromised is likely
to be the same machine being used to do the banking.

As for centerlink there are alternatives to using the home internet.

> -- 
> 
> 
> Narelle Clark
> president at isoc-au.org.au
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the AusNOG mailing list