Archive for November, 2008

Rogue DNS Servers on the Move

November 20, 2008 by Jose Nazario

Based on our internal malcode analysis, we have been able to identify netblocks of “rogue” DNS servers. These servers seem to hand out the correct answer for proper queries, but for typos they hand out a DNS server that *may* be malicious, it’s not clear to me yet. Clearly this is a concern when you [...]


Inside an RFI Botnet

November 19, 2008 by Jose Nazario

It all began innocently enough; I have been analyzing Apache logs for a while now, and when I spotted an RFI bot that was named “ddos.txt”, you know I had to look. After downloading it and analyzing it, I joined the channel with a copy of Bladerunner and started watching. The net’s been pretty quiet [...]


US Government Moves Fast on DNSsec

November 17, 2008 by Jose Nazario

I honestly didn’t think I would live to see it, and this interview with Mockapetris about DNSsec adoption didn’t help.

$ dig +dnssec president.gov
; <<>> DiG 9.3.5-P1 <<>> +dnssec president.gov
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33216
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, [...]
