-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
So, is there a list of domains that we could null-route if we could
convince our DNS managers to set us up as the SOA for those domains on
our local DNS servers - thus protecting our own customers somewhat?
I won't discount the assertion that there is some sort of emergency
occurring. I would however, like to see a bit of a reference to where we
can learn more about what is going on (I assume this is the javascript
exploit I heard about a couple days ago).
Yes -- I would suggest that the best point of reference right now
is the SANS ISC Daily Handler's Diary. They have done a great job
of summarizing the issues:
- - ferg