On Mon, Nov 09, 2009 at 06:15:09PM -0500, David Ulevitch <dav...@everydns.net> wrote a message of 18 lines which said:
> When the conficker worms phones home to one of the 50,000 potential > domains names it computes each day, there are a lot of IT folks out > there that wish their local resolver would simply reject those DNS > requests so that infected machines in their network fail to phone > home. That's an extremely bad idea: many of the domains generated by the Conficker algorithm are already registered by a legitimate registrant (in .FR: the national railways, a national TV, etc). Also, the example is not a good choice since Conficker now mostly uses P2P: <http://mtc.sri.com/Conficker/P2P/> for those who like assembly code and awful technical details.