Re: DNS - connection limit (without any extra hardware)

2007-01-02 Thread Michael . Dillon
What is this group's name? Oh yeah. So that means you have one of two choices ;-) Smart NANOGers have taken the time to read the NANOG charter here: http://www.nanog.org/charter.html which says... The purpose of NANOG is to provide forums in the North American region for education

Re: DNS - connection limit (without any extra hardware)

2006-12-27 Thread Jo Rhett
On Dec 8, 2006, at 9:56 AM, Petri Helenius wrote: Has anyone figured out a remote but lawful way to repair zombie machines? Having remote power control over all of our customers' equipment. Though the customer might not consider that a repair, I do :-) -- Jo Rhett senior geek Silicon

Re: DNS - connection limit (without any extra hardware)

2006-12-27 Thread Jo Rhett
On Dec 8, 2006, at 10:36 AM, Scott Weeks wrote: Lawful in which country? What is this group's name? Oh yeah. So that means you have one of two choices ;-) -- Jo Rhett senior geek Silicon Valley Colocation

Re: DNS - connection limit (without any extra hardware)

2006-12-27 Thread Randy Bush
Lawful in which country? What is this group's name? Oh yeah. So that means you have one of two choices ;-) i know this will come as a shock to many, but there are more than two countries in north america. and like afnog, nanog is not as isolationist or jingoist as the current us

Re: DNS - connection limit (without any extra hardware)

2006-12-27 Thread Scott Weeks
--- [EMAIL PROTECTED] wrote: On Dec 8, 2006, at 10:36 AM, Scott Weeks wrote: Lawful in which country? What is this group's name? Oh yeah. So that means you have one of two choices ;-) I was speaking about 'the internet' and not

Re: DNS - connection limit (without any extra hardware)

2006-12-11 Thread Luke C
of course, my company is working on two main tasks: the first team is focused on discovering what is the virus, and what is the best anti-virus. instead, my team has already scaled our DNS service, by doubling the number of DNSs. I'm not completely satisfied by the scaling solution: I wish to

Re: DNS - connection limit (without any extra hardware)

2006-12-11 Thread Luke C
I use to slave . which can save time on recursive DNS servers when they have a lot of dross to answer (assuming it is totally random dross). I'm not sure I understand your solution. You configure your name-server as a slave root server? On 12/8/06, Simon Waters [EMAIL PROTECTED] wrote: On

Re: DNS - connection limit (without any extra hardware)

2006-12-11 Thread Simon Waters
On Monday 11 December 2006 16:15, you wrote: I use to slave . which can save time on recursive DNS servers when they have a lot of dross to answer (assuming it is totally random dross). I'm not sure I understand your solution. You configure your name-server as a slave root server? Yes.

Re: DNS - connection limit (without any extra hardware)

2006-12-11 Thread Matt Ghali
On Mon, 11 Dec 2006, Simon Waters wrote: Yes. Most of the root server traffic is answering queries with NXDOMAIN for non-existent top level domains; if you slave root on your recursive servers, your recursive servers can answer those queries directly (from the 120KB root zone file), rather

Re: DNS - connection limit (without any extra hardware)

2006-12-11 Thread Mark Andrews
In article [EMAIL PROTECTED] you write: On Mon, 11 Dec 2006, Simon Waters wrote: Yes. Most of the root server traffic is answering queries with NXDOMAIN for non-existent top level domains; if you slave root on your recursive servers, your recursive servers can answer those queries

Re: DNS - connection limit (without any extra hardware)

2006-12-09 Thread Hank Nussbacher
On Fri, 8 Dec 2006, Petri Helenius wrote: Has anyone figured out a remote but lawful way to repair zombie machines? Pete Virtual patching. -Hank

RE: DNS - connection limit (without any extra hardware)

2006-12-08 Thread Geo.
I know this is kind of a crazy idea but how about making cleaning up all these infected machines the priority as a solution instead of defending your dns from your infected clients. They not only affect you, they affect the rest of us so why should we give you a solution to your problem when you

Re: DNS - connection limit (without any extra hardware)

2006-12-08 Thread Simon Waters
On Friday 08 December 2006 14:40, you wrote: For this reason, I would like a DNS server to respond to a maximum of 10 queries per second from every single IP address. That may trap an email server or two. Did you consider checking what they are looking up, and lying to them about the

RE: DNS - connection limit (without any extra hardware)

2006-12-08 Thread Gadi Evron
On Fri, 8 Dec 2006, Geo. wrote: I know this is kind of a crazy idea but how about making cleaning up all these infected machines the priority as a solution instead of defending your dns from your infected clients. They not only affect you, they affect the rest of us so why should we give you

Re: DNS - connection limit (without any extra hardware)

2006-12-08 Thread Gadi Evron
On Fri, 8 Dec 2006, Luke wrote: Hi, as a consequence of a virus diffused in my customer-base, I often receive big bursts of traffic on my DNS servers. Unluckily, a lot of clients start to bomb my DNSs at a certain hour, so I have a distributed tentative of denial of service. I can't

RE: DNS - connection limit (without any extra hardware)

2006-12-08 Thread Geo.
Actually, reading your reply (which is the same as my own, pretty much), I figure the guy asked a question and he has a real problem. Assuming he doesn't want to clean them up is not nice of us. Infected machines (bots) will cause a lot more than just DNS issues. Issues like this have a way

Re: DNS - connection limit (without any extra hardware)

2006-12-08 Thread Petri Helenius
Geo. wrote: I know this is kind of a crazy idea but how about making cleaning up all these infected machines the priority as a solution instead of defending your dns from your infected clients. They not only affect you, they affect the rest of us so why should we give you a solution to your

Re: DNS - connection limit (without any extra hardware)

2006-12-08 Thread Joe Abley
On 8-Dec-2006, at 11:52, Geo. wrote: Actually, reading your reply (which is the same as my own, pretty much), I figure the guy asked a question and he has a real problem. Assuming he doesn't want to clean them up is not nice of us. Infected machines (bots) will cause a lot more than

Re: DNS - connection limit (without any extra hardware)

2006-12-08 Thread
I have a bots infested network, they really task my services! How can I make my services ignore them so that the clients start calling me and spending my tech support budget? Or: I have bots on my network and as part of a multi-pronged approach to cleaning my network while keeping the

Re: DNS - connection limit (without any extra hardware)

2006-12-08 Thread Gadi Evron
On Fri, 8 Dec 2006, Petri Helenius wrote: Geo. wrote: I know this is kind of a crazy idea but how about making cleaning up all these infected machines the priority as a solution instead of defending your dns from your infected clients. They not only affect you, they affect the rest

Re: DNS - connection limit (without any extra hardware)

2006-12-08 Thread Aaron Glenn
On 12/8/06, Petri Helenius [EMAIL PROTECTED] wrote: Has anyone figured out a remote but lawful way to repair zombie machines? sure, null route the customer until they clean their hosts up

Re: DNS - connection limit (without any extra hardware)

2006-12-08 Thread Scott Weeks
--- [EMAIL PROTECTED] wrote: From: Petri Helenius [EMAIL PROTECTED] Geo. wrote: I know this is kind of a crazy idea but how about making cleaning up all these infected machines the priority as a solution instead of defending your dns from your infected clients. They not only affect

Re: DNS - connection limit (without any extra hardware)

2006-12-08 Thread Fergie
Sorry for the top-post, but wanted to retain context here. Also, sorry for the specific product mention, but much of what is mentioned below is something that we are doing with ICSS/BASE:

Re: DNS - connection limit (without any extra hardware)

2006-12-08 Thread Petri Helenius
Aaron Glenn wrote: On 12/8/06, Petri Helenius [EMAIL PROTECTED] wrote: Has anyone figured out a remote but lawful way to repair zombie machines? sure, null route the customer until they clean their hosts up My question was specifically directed towards zombies that are not local to

Re: DNS - connection limit (without any extra hardware)

2006-12-08 Thread Matt Ghali
On Fri, 8 Dec 2006, Simon Waters wrote: I suspect complex rate limiting may be nearly as expensive as providing DNS answers with Bind9. Indeed. It is generally accepted that it is easier to simply scale your service to provide adequate headroom than implement per-client traffic policies.

RE: DNS - connection limit (without any extra hardware)

2006-12-08 Thread Matt Ghali
On Fri, 8 Dec 2006, Gadi Evron wrote: Luke: It is possible the DNS queries made are for non-existent domains; fake replies, perhaps even making them something in 1918 space, and they MAY stop being not nice netizens. Configuring your nameservers to randomly give bad answers isn't considered

RE: DNS - connection limit (without any extra hardware)

2006-12-08 Thread Frank Bulk
You could also look at Cloudshield. I was following the EveryDNS issue this weekend and this item among the regular VON press release blast jumped out at me: http://www.cloudshield.com/news_events/2006_Releases/EveryDNS%20FINAL.pdf Regards, Frank _ From: Frank Bulk Sent: Friday,

Re: DNS - connection limit (without any extra hardware)

2006-12-08 Thread Douglas Otis
On Dec 8, 2006, at 6:40 AM, Luke wrote: Hi, as a consequence of a virus diffused in my customer-base, I often receive big bursts of traffic on my DNS servers. Unluckily, a lot of clients start to bomb my DNSs at a certain hour, so I have a distributed tentative of denial of service. I