<<<
Chronological Index
>>> <<<
Thread Index
>>>
some comments
- To: fast-flux-initial-report@xxxxxxxxx
- Subject: some comments
- From: "d.giuffrida@xxxxxxxxx" <d.giuffrida@xxxxxxxxx>
- Date: Wed, 4 Feb 2009 10:27:08 +0100 (CET)
Hi,
I think that any initiative is taken to counter the abuse of
fast-flux
technology, increasingly used by criminals to control
and their botnets to
spread malware and phishing, could give a great help
in fighting the war of the
Web.
To this end, I think that the debate should be focused in one direction,
the question to answer is one: how can an advantage of the fact
that the
criminal network using fast-flux?
Only by finding an answer to this question
can mean the trust
of technology by criminals.
Then, looking at the results of
your work, it would seem that only a small part
of fast-flux domains is legal.
well, from my point of view I'd focused on TDL.
We must find a mechanism to
evaluate in real time the status of a domain.
We must get a list of domains
known to be a fast-flux lawful.
All other domains, especially the new record,
if they behave
from fast-flux, goes on the list of bad domains.
Not exclude the
possibility of including a fake TDL type, where
include all bad domains.
In
this way you would be cleaned by Centrally disgraceful of all circulating in
the network,
or at least those that run in fast-flux.
thanks for your
attention and good work.
Davide
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|