[Gllug] so after the DNS - Attack

Nix nix at esperi.org.uk
Wed Feb 7 21:52:53 UTC 2007


On 7 Feb 2007, Jason Clifford spake thusly:

> On Wed, 7 Feb 2007, Juergen Schinker wrote:
>
>> > Even if all the root servers went down at once, it would be a day or so
>> > before really serious impact on J. Random Browser would be evident. Most
>> > queries don't need to recurse that high.
>> 
>> but they do; most people underestimate that
>> what if you read (in the newspaper) that yesterday the official
>> DNS-Network went down ....
>> 
>> you try to get Information on the Internet ...ups -> does not resolv
>> you try to send an email                   ...ups -> does not resolv
>
> You appear not to understand how DNS is used by almost everyone.
>
> People generally do not run their own name servers but rather use their 
> ISP's CACHING name servers.
>       ^^^^^^^

... and even if they didn't, most of the gTLDs are going to be in even a
small-scale local caching server's cache (sure, perhaps .za might not be
for me, but .de and .uk and .com/.net/.org are damn certain to be.)

> Secondly to that for the every root name server to be put out of operation 
> would require an event that affected multiple software platforms, multiple 
> networks run by separate organisations all at the same time. If that were 
> to happen the network you suggest would be in the clear how exactly?

Given that it's (at least) ten times smaller...

-- 
`In the future, company names will be a 32-character hex string.'
  --- Bruce Schneier on the shortage of company names
-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug


More information about the GLLUG mailing list