North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: DNS Hijacking by Cox
> On Mon, 23 Jul 2007, Joe Greco wrote: > > And, incidentally, I do consider this a false positive. If any average > > person might be tripped up by it, and we certainly have a lot of average > > users on IRC, then it's bad. So, the answer is, "at least one false > > positive." > > The only way any human activity will NEVER have a single false positive, > i.e. mistake, is by never doing anything. > > Do people really want ISPs not to do anything? I'd prefer that ISP's tends towards taking no action when taking action has a strong probability of backfiring. For example, even if you had no clue that it was a legitimate EFNet IRC server, irc.vel.net is trivially Googleable and you can determine that it will therefore be used by various real users. Redirecting this would be a bad thing. On the flip side, redirecting irc.jgreco.net, because you found it in some bot's connection directory, when Googled, indicates that there are no matched documents. While this isn't conclusive proof that it won't break somebody, it is relatively much less likely to be a customer affecting issue. Since the domain is relatively new, it would be a lot more suspicious. You could even try connecting to it (if it existed) to see what the deal was. I would still be irate if someone owned a portion of my namespace in that manner, but as a relative comparison, I could see a much better case for it. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.