[ga] Fw: Why People Should NOT Depend on "Root Servers"

["Jim Fleming" <JimFleming@ameritech.net>]

----- Original Message -----
From: "Jim Fleming" <JimFleming@ameritech.net>
To: "'The IETF'" <ietf@ietf.org>; <chandley@ntia.doc.gov>; <nvictory@ntia.doc.gov>; <censslin@ntia.doc.gov>; <DEvans@doc.gov>
Cc: <yjpark@myepark.com>; <vivek@vivekdurai.com>; "Vittorio Bertola" <vb@vitaminic.net>; "todd glassey"
<todd.glassey@worldnet.att.net>; "Richard Henderson" <richardhenderson@ntlworld.com>; "Kristy McKee" <k@widgital.com>;
<karl@cavebear.com>; "Joop Teernstra" <terastra@terabytz.co.nz>; "Joanna Lane" <jo-uk@rcn.com>; <jefsey@jefsey.com>;
<james.love@cptech.org>; <j.oppenheimer@att.net>; <icheckemail@indiatimes.com>; <ellen@rony.com>; "Elisabeth Porteneuve"
<Elisabeth.Porteneuve@cetp.ipsl.fr>; "Alexander Svensson" <alexander@svensson.de>; "Joe Baptista" <baptista@dot-god.com>
Sent: Tuesday, August 13, 2002 9:04 AM
Subject: Why People Should NOT Depend on "Root Servers"


> http://www.merit.edu/mail.archives/nanog/msg02459.html
> gentlemen, stop your engines
>
>   a.. From: Paul Vixie
>   b.. Date: Mon Aug 12 12:07:20 2002
>
> --------------------------------------------------------------------------------
>
> after six reports that 192.5.5.241's address has been forged as the source
> of a tcp "fragmented scan" probe, i'm ready to have it stop.  but just in
> case it doesn't, this is fair warning to the community: F's address is in
> unlawful use by as-yet-unidentified third parties.
>
> re:
>
> ------- Forwarded Message
>
> From: ...
> To: "'abuse@VIX.COM'" <abuse@VIX.COM>
> Subject: Unauthorized Fragmented Scan
> Date: Mon, 12 Aug 2002 06:56:08 -0700
>
> To whom it may concern,
>
> The Security Information & Analysis Center has detected an
> unauthorized scan against one of our networks that has a possible origin at
> 192.5.5.241.
>
> Please review the following initial information:
>
> IPHalfScan  08-11-2002 17:34:02 UTC 192.5.5.241:53
> xxx.xxx.xxx.xxx:53 TCP
> IPHalfScan  08-11-2002 17:28:00 UTC 192.5.5.241:53
> xxx.xxx.xxx.xxx:53 TCP
>
> Please take action to verify this address on your network
> and it's intent to scan our networks.  Thank you for your assistance.
>
> SECURITY INFORMATION AND ANALYSIS CENTER
> 1-877-...
>
> ------- End of Forwarded Message
>
>
> Modern DNS software finds the TLD Clusters, tracks them, and
> does not use ANY "root servers" (legacy or alt). People who rely
> on a dozen 32-bit IPv4 addresses to be coherently routed are fools,
> in my opinion. Any organization that promotes that type of structure
> and architecture as "secure" is perpetrating a fraud on unsuspecting
> users, who assume the system is stable and secure. Root servers are
> out of date, do not always track the TLD Cluster(s), do not support
> fail-over to back-up TLD Clusters, in cases of a major corporate
> failure. People continue to use them at their peril, yet clearly profit
> from telling people to use them.
>
> Jim Fleming
> 2002:[IPv4]:000X:03DB:...IPv8 is closer than you think...
> http://www.iana.org/assignments/ipv4-address-space
> http://www.ntia.doc.gov/ntiahome/domainname/130dftmail/unir.txt
>
>
>

--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html