Hi all (again) The more I think about it, the less I think SWITCH thought about it, before publishing such nonsense.
"On 25 November 2010 SWITCH will launch an new initiative to maintain the high security standards of Swiss websites." Hello? Since when does SWITCH have anything to say about the security of websites? Security of Domains: ok, but websites? Remember: Internet != WorldWideWeb Deleting the name server delegation of a domain not only shuts down access to one website, but to ALL Internet services depending on DNS in that domain. "From different third parties we receive a fairly large number of URLs in .ch/.li ccTLDs which distribute malware." Exactly - specific URLs (or the websites behind those URLs) may spread malware, but not the domain itself, but again - since SWITCH cannot block access to specifiec URLs, there is no reason to block access to the whole domain. So I absolutely second Andre Oppermanns opinion: "This delegation suspension plan is entirely broken by design and should be immediately stopped." Cheers Mike -- Mike Kellenberger [email protected] Escapenet - Professional Web Company Tel +41 52 235 0700/04 http://www.escapenet.ch Skype mikek70atwork -----Ursprüngliche Nachricht----- Von: [email protected] [mailto:[email protected]] Im Auftrag von Serge Droz Gesendet: Donnerstag, 11. November 2010 08:23 An: [email protected] Betreff: [Spam] [swinog] Blocking Malware distribution sites Hello Swinogers, On 25 November 2010 SWITCH will launch an new initiative to maintain the high security standards of Swiss websites. Let me briefly explain what we will do, as it is relevant to the SWINOG community: >From different third parties we receive a fairly large number of URLs in .ch/.li ccTLDs which distribute malware. We're talking a few hundred URLs per week. In a first step SWITCH verifies that this claim is true. If the site is indeed distributing malware we will contact the domain holder and technical contact by e-mail and ask them to remove the problem within one working day. If the they fail to do so, we will delete the name server delegation from the zone-file [1]. We report this to MELANI, as required by law [2]. The domain holder will be informed about this. Removing the name server delegation is not really efficient as long as DNS caches, containing entries of that domain are not flushed. SWITCH plans to make the list of blocked domains available to relevant parties, i.e. ISPs operating name servers for their customers. If you want to receive this info send us an e-mail message to [email protected] and we will get in touch with you. Since we don't want any finger pointing or bashing of affected sites, we want you to keep this info confidential. To join, we therefore ask you to sign a non disclosure agreement (NDA). Please get in touch with if you have any question. Best regards Serge Notes: [1] Details see Bakom http://www.bakom.admin.ch/themen/internet/03470/index.html?lang=de [2] The law [1] talks about a "anerkannte Stelle zur Bekämpfung von Cyberkriminalität", a recognized organisation fighting cyber-crime. So far MELANI (http://www.melani.admin.ch/) is the only recognized organisation. -- SWITCH Serving Swiss Universities -------------------------- Serge Droz, SWITCH-CERT Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland phone +41 44 268 15 63, fax +41 44 268 15 78 [email protected], http://www.switch.ch _______________________________________________ swinog mailing list [email protected] http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog _______________________________________________ swinog mailing list [email protected] http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
