Interesting new dns failures

--------------johnl@iecc.com wrote:--------------------

A lot of the more nefarious uses of the DNS are there precisely because the
actual country *doesn't* matter, and as a result the TLD is run by somebody
who is asleep at the wheel or worse. For instance, there appears to be a
'*.cm' wildcard in place, and several "flag of convenience" TLDs with a high
ratio of users that aren't actually associated with the country...

> --------------johnl@iecc.com wrote:--------------------
> > the bits of governments that deal with online crime, spam, etc.,
> > I can report that pretty much all of the countries that matter
> > realize there's a problem, and a lot of them have passed or will
> > pass laws whether we like it or not. So it behooves us to engage
> > them and help them pass better rather than worse laws.
> ----------------------------------------------------------

> Which countries are "pretty much all of the countries that matter"? Do you
> have a list or is this just 'something you're sure of'?

A lot of the more nefarious uses of the DNS are there precisely because the
actual country *doesn't* matter, and as a result the TLD is run by somebody
who is asleep at the wheel or worse. For instance, there appears to be a
'*.cm' wildcard in place, and several "flag of convenience" TLDs with a high

cameroon outsourced their dns infrastructure management to someone, that
contract includes a "we can answer X for all queries that would return
NXDOMAIN'" ... that's not 'asleep at the wheel' so much as 'not a good
idea' (except for click revenue I suppose). This is different from .cx? or
.tv how?

As I said, "asleep at the wheel or worse"...

ha :slight_smile: as always, perfectly cynical :slight_smile: I think my point was that someone in
cameroon (or acting on their official behalf, perhaps pocketting some cash
along the way, who knows?) made a decision that this is 'ok' with them.

-Chris

who is asleep at the wheel or worse. For instance, there appears to be a
'*.cm' wildcard in place, and several "flag of convenience" TLDs with a high

cameroon outsourced their dns infrastructure management to someone

In this case, the someone is in Vancouver B.C., and Canada is most
definitely part of LAP.

There are plenty of domains of convenience, but I don't see a lot of bad
guys physically decamping to Cameroon or the Cocos islands.

R's,
John

Quite a long list. http://www.londonactionplan.net/?q=node/5