> P.S. WTF is "double fast flux[tm]”? Double fast-flux is when not only the TTL is set very low on the A record(s), bit also on the NS:
https://en.wikipedia.org/wiki/Fast_flux - ferg > On Dec 1, 2016, at 12:38 PM, Ronald F. Guilmette <r...@tristatelogic.com> > wrote: > > > In message <20161201173426.2861.qm...@ary.lan>, > "John Levine" <jo...@iecc.com> wrote: > >> More info here: >> >> https://www.europol.europa.eu/newsroom/news/%E2%80%98avalanche%E2%80%99-network-dismantled-in-international-cyber-operation > > I'm always happy when even a small handful of miscreants are captured > and taken off the Internet, but... > > The press release itself says that this botnet had been running since > 2009. So, you know, are we supposed to break out the champaign and > start celebrating because it "only" took LE *seven years* to take down > this one botnet and capture a grand total of five cybercriminals? > > Like I say, I'm happy that this one botnet was killed, but to my way > of thinking, the fact that it took seven years to do so is a testament > *not* to the spectacular 21st century capabilities of modern law > enforcement, but rather to the ever widening gap between the time > scales of law enforcment processes, typically measured in months or > years, and the time scales of malicious packets flying around the > Internet, usually measured in miliseconds. > > The Internet, viewed as an organism, quite clearly has, at present, > numerous autoimmune diseases. It is attacking itself. And its immune > system, such as it is, clearly ain't working. There's going to come > a day of reckoning when it will no longer be possible to paper over > this sad and self-evident fact. (And no, I'm *not* talking about > the fabled "Digital Pearl Harbor". I'm talking instead about the > Internet equivalent of the meteor that wiped out the dinosaurs.) > > > Regards, > rfg > > > P.S. WTF is "double fast flux[tm]"? Is that anything like "double secret > probation" from Animal House? > > P.P.S. I love this part of the press release, because it is so telling: > > "The successful takedown of this server infrastructure was supported > by ... Registrar of Last Resort, ICANN..." > > Hahahahaha! Yea. Translation, for those of you who do not speak > diplomacy-speak: "It isn't hardly just you unofficial anti-spammers and > anti-cybercrime volunteers and private security companies that can't > manage to get many domain registrars and somtimes even domain registries > to lift a finger to help. Even some of us international law enforcement > guys, who have badges and everything, were also told to go pound sand by > several of the world's worst and most unhelpful registrars and registries. > In fact, they were soooooooo colossally unhelpful that in the end, we > finally had to go and plead our case all the way up to ICANN, just in > order to get anything done." — Paul Ferguson ICEBRG.io Seattle, Washington, USA
signature.asc
Description: Message signed with OpenPGP using GPGMail