At 15:20 +0100 2/9/07, Stephane Bortzmeyer wrote:
> There is a thread on the CircleID information site:
> http://www.circleid.com/posts/attack_internet_root_servers/
> which, in the light of this week's attack on root name servers,
> suggests to keep a local copy of the root zone.

To add to "what I've heard in the past to do" list:
Also keep a list of the IP addresses of the root servers, the
originating AS numbers, and maybe even copies of "normal" traceroutes.

> I was surprised that there is apparently no formal document, either
> RFC or else, on this subject "Local copy of the root zone considered
> harmful | good". Did I miss something?

I don't think anything so definitive on the topic would exist.
It always pays to have a record of what's normal for your environment
and to know when there's a deviance. On the other hand, I wouldn't
count on the record for operational activity. That's more common
sense than BCP material.
It's like taking a photo of your living room after a holiday. I
wouldn't use it as a guide when walking around it 6 months later as
furniture may have moved. But showing evidence of an expensive
stereo being there might influence an insurance claim.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis +1-571-434-5468
NeuStar
"Two years ago you said we had 5-7 years, now you are saying 3-5. What I
need from you is a consistent story..."