Anything traversing the edge. They are all revenue targets.

Best,

Martin



On 5/14/09, Mark Andrews <[email protected]> wrote:
>
> In message <[email protected]>, John Levine writes:
>> >Dear Sprint EVDO people,
>> >
>> >Your man-in-the-middle hijacking of UDP/53 DNS queries against
>> >nameservers that I choose to query from my laptop on Sprint EVDO is
>> >not appreciated.  Even less appreciated is your complete blocking of
>> >TCP/53 DNS queries.
>>
>> If I were an ISP, and I knew that approximately 99.9% of customer
>> queries to random name servers was malware doing fake site phishing or
>> misconfigured PCs that will work OK and avoid a support call if they
>> answer the DNS query, with 0.1% being old weenies like us, I'd do what
>> Sprint's doing, too.
>
>       And what's the next protocol that is going to be stomped on?
>
>> If you're aware of a mechanical way for them to tell the difference,
>> we're all ears.
>
>       Well you can't answer a TSIG message without knowing the
>       shared secret so you might as well just let it go through
>       and avoid some percentage of support calls.  Intercepting
>       TSIG messages is guaranteed to generate a support call.
>
>       Similarly intercepting "rd=0" is also guaranteed to generate
>       a support call.  You almost certainly have a interative
>       resolver making the query which will not handle the "aa=0"
>       responses.
>
>       Similarly there is no sane reason to block DNS/TCP other than
>       they can do it.
>
>       Mark
>
>> Regards,
>> John Levine, [email protected], Primary Perpetrator of "The Internet for
>> Dummies
>> ",
>> Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor
>> "More Wiener schnitzel, please", said Tom, revealingly.
>>
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: [email protected]
>
>


-- 
Martin Hannigan                               [email protected]
p: +16178216079
Power, Network, and Costs Consulting for Iceland Datacenters and Occupants



Reply via email to