> On 2 Nov 2023, at 20:25, Stephane Bortzmeyer wrote:
>
> On Thu, Nov 02, 2023 at 04:09:24PM +1100,
> Mark Andrews wrote
> a message of 90 lines which said:
>
>> I also see QNAME minimisation in action as the QTYPE is NS. This
>> could just be a open recursive servers using QNAME
Not specific to .US really
Pretty much every new gTLD that can be registered on "promotional" first
year prices below .com/.net/.org harbors a large than usual proportion of
phishing domains and suspicious things, because one of the sole operational
criteria for phishers registering disposable
On November 2, 2023 at 22:09 al...@allan.vin (Allan Liska) wrote:
> I think it is a matter of proportionality.
>
> According to Spamhaus malicious domains account for only 1.5% of all .com
> domains, but 4.8% of all .us domains
> (https://www.spamhaus.org/statistics/tlds/) - compare
On Thu, Nov 2, 2023 at 3:10 PM Allan Liska wrote:
> According to Spamhaus malicious domains account for only 1.5% of all .com
> domains, but 4.8% of all .us domains
> (https://www.spamhaus.org/statistics/tlds/) - compare that to .tk where 6.7%
> of all domains are malicious.
Hi Allan,
On Thu, Nov 2, 2023 at 5:46 PM William Herrin wrote:
>
> On Thu, Nov 2, 2023 at 1:30 PM goemon--- via NANOG wrote:
> > https://krebsonsecurity.com/2023/10/us-harbors-prolific-malicious-link-shortening-service/
> >
> > What hope is there when registrars are actively aiding and abeting criminal
>
I think it is a matter of proportionality.
According to Spamhaus malicious domains account for only 1.5% of all .com
domains, but 4.8% of all .us domains
(https://www.spamhaus.org/statistics/tlds/) - compare that to .tk where 6.7% of
all domains are malicious.
allan
--- Original
Hi All,
Can anyone from Network Solutions NOC or ops reach out to me asap? We are
dealing with a business critical issue and need your help urgently. The
issue is related to DNS propagation.
thanks
Shahid
There are LOTS of small business that have .us domains. I've got several
that just use these domains as well as locality specific things such as
schools or towns that use them rather than the longer ones supplied to
municipal entities.
/rh
On Thu, Nov 2, 2023 at 1:34 PM goemon--- via NANOG
On Thu, Nov 2, 2023 at 1:30 PM goemon--- via NANOG wrote:
> https://krebsonsecurity.com/2023/10/us-harbors-prolific-malicious-link-shortening-service/
>
> What hope is there when registrars are actively aiding and abeting criminal
> enterprises?
I'm confused. Does .com/.net/.org have a
I personally own a .us domain name -- while it's a personal domain and doesn't
do a lot of traffic, it's still a legitimate domain.
-Original Message-
From: "goemon--- via NANOG"
Sent: Thursday, November 2, 2023 4:30pm
To: "NANOG list"
Subject: .US Harbors Prolific Malicious Link
https://krebsonsecurity.com/2023/10/us-harbors-prolific-malicious-link-shortening-service/
"The NTIA recently published a proposal that would allow registrars to
redact all registrant data from WHOIS registration records for .US
domains. A broad array of industry groups have filed comments
On 02/11/2023 05:15, Randy Bush wrote:
ya, right, and at a whole bunch of other cctld servers
from a network called domaincrawler-hosting
It looks like a list based attempt to discover domain names registered
in some small ccTLDs. The problem with some of the queries is that a few
of the
*C**ongratulations Board Members! *
Congratulations Cat Gurinsky + Vincent Celindro, for being elected to the
NANOG Board of Directors! We are grateful for your service and look forward
to your upcoming term.
*NANOG 89 Playlist is on YouTube! *
Have you subscribed to our YouTube channel?
*C**ongratulations Board Members! *
Congratulations Cat Gurinsky + Vincent Celindro, for being elected to the
NANOG Board of Directors! We are grateful for your service and look forward
to your upcoming term.
*NANOG 89 Playlist is on YouTube! *
Have you subscribed to our YouTube channel?
> I might be reading this wrong, but I don't think the point Randy was
> trying to make was 'NS queries are an attack', 'UDP packets are an
> attack' or 'IP packets are an attack' . I base this on the list of
> queries Randy decided to include as relevant to the thesis Randy was
> trying to make,
3GIS here
On Tue, Oct 31, 2023 at 11:33 AM Stonebraker, Jack J
wrote:
> 3GIS here. Great product.
>
> *JJ Stonebraker* | Associate Director
> The University of Texas System | Office of Telecommunication Services
> *(512) 232-0888* | j...@ots.utsystem.edu
>
>
> --
3Gis is great. We are switching to Crescent link which seems to be lacking
the feature diversity and granularity of 3GIS.
On Tue, Oct 31, 2023 at 11:35 AM Stonebraker, Jack J
wrote:
> 3GIS here. Great product.
>
> *JJ Stonebraker* | Associate Director
> The University of Texas System |
On Thu, Nov 02, 2023 at 04:09:24PM +1100,
Mark Andrews wrote
a message of 90 lines which said:
> I also see QNAME minimisation in action as the QTYPE is NS. This
> could just be a open recursive servers using QNAME minimisation.
> With QNAME minimisation working correctly all parent zones
On Thu, 2 Nov 2023 at 10:32, Mark Andrews wrote:
> You missed the point I was trying to make. While I think that that source is
> trying to enumerate some part of the namespace. NS queries by themselves
> don’t indicate an attack. Others would probably see the series of NS queries
> as a
You missed the point I was trying to make. While I think that that source is
trying to enumerate some part of the namespace. NS queries by themselves don’t
indicate an attack. Others would probably see the series of NS queries as a
signature of an attack when they are NOT. There needs to be
20 matches
Mail list logo
