[Chapter-delegates] Big holes in net's heart revealed

ISOC-ID teddyap at isoc-id.org
Wed May 3 19:13:42 PDT 2006 

FYI,

In Indonesia, cc-TLD (id-TLD) is on going 
for re-delegation process from Individual
Mandatory into Institutional Mandatory since
July 7, 2005:
http://www.apjii.or.id/layanan/idnic-idTLD.php?lang=ind&PHPSESSID=4d11e36c9d184cca9b5f8458f769c40a

And, for the proper process and procedure,
Redelegation team has formulized 3 type of
Intitutional bodies, such as:
1:: Foundation (non-for-profit);
2:: Cooperative (semi-profit); and
3:: Society (non-for-profit).
which has been published to the public
since  April 24, 2005 to get more input (participation)
from the stakeholders, and then, only one will be chosen
for new id-TLD Registry later on.

<http://www.apjii.or.id/domain/index.php>http://www.apjii.or.id/domain/index.php
http://www.depkominfo.go.id/?pid=domain

Thank you,
-teddya

At 11:00 PM 5/2/2006, chapter-delegates-request at elists.isoc.org wrote:
><..>
>Today's Topics:
>
>   1. Re: Fwd: Big holes in net's heart revealed
>      (Christian de Larrinaga)
>
>Content-Transfer-Encoding: 7bit
>From: Christian de Larrinaga <cdel at firsthand.net>
>Precedence: list
>MIME-Version: 1.0 (Apple Message framework v749.3)
>Cc: isoc-members-discuss at elists.isoc.org,
>        isoc Chapter Delegates <chapter-delegates at elists.isoc.org>
>To: patrick at vande-walle.eu
>References: <4454E691.8040600 at vande-walle.eu>
>In-Reply-To: <4454E691.8040600 at vande-walle.eu>
>Date: Tue, 2 May 2006 09:10:43 +0100
>Message-ID: <25329466-7361-436D-A6FB-7553F86600AA at firsthand.net>
>Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
>Subject: Re: [Chapter-delegates] Fwd: Big holes in net's heart revealed
>Message: 1
>
>Yes in 2000 for .uk zones. I think it was found that about 75% had  
>errors but most of these were not critical, although some were major  
>potential problems. DNS and other infrastructure health initiatives  
>are worth doing but they are a lot of work. There are also commercial  
>providers working in this area (competing) and it also has to be  
>mentioned that it can get controversial when an ISP's DNS servers are  
>found wanting let alone those of a ccTLD registry (which is not  
>uncommon).
>
>I took this to about 40 ccTLD's over a couple of years and it was  
>useful in generating awareness for these services to keep an eye on  
>how their infrastructure is working. I also checked out the key  
>financial and government institutions in the UK as they are major  
>points of vulnerability. This led to some private phone calls having  
>to be made rather than a mass press release.
>
>I'm happy to talk through this if people want to look into this further.
>
>Christian
>
>Christian de Larrinaga
>network brokers ltd
>
>
>On 30 Apr 2006, at 17:32, Patrick Vande Walle wrote:
>
>>Dear all,
>>
>>I see here a potential for a project associating ISOC and its  
>>chapters.  I just tested (with http://www.dnsreport.com) how my  
>>local top ten sites performed on the DNS side. The results were  
>>surprising: open, recursive DNS servers, invalid glue records,  
>>etc., not to mention numerous violations of RFCs on the SMTP side.  
>>I guess this is not specific to my country.
>>
>>ISOC chapters could render a good service to their local community  
>>by testing the DNS servers of their community. This is not a new  
>>idea actually. ISOC England did a similar project some years ago.
>>
>>Based on the collected data, the chapter could:
>>
>>- send a detailed report to each company it tested (and maybe gain  
>>an org member in the process)
>>- send a statistical report to the local press, which generally  
>>likes alarming headlines.
>>
>>This would also help establish the local chapter as a reference for  
>>Internet related issues.
>>
>>The project itself would be to develop a common technical platform  
>>to perform the tests and extracts the statistics.
>>
>>Best regards
>>
>>Patrick Vande Walle
>>ISOC Luxembourg
>>
>>
>>-------- Original Message --------
>>Subject: Big holes in net's heart revealed
>>Date: Sun, 30 Apr 2006 08:32:02 -0400
>>From: David Farber <dave at farber.net>
>>Reply-To: dave at farber.net
>>Newsgroups: lists.interesting-people
>>References: <70935544-E016-41F9-BD0D-619F652C3ECB at WARPSPEED.COM>
>>
>>
>>Something "well known" but not advertised till now. djf Begin  
>>forwarded message: From: Dewayne Hendricks <dewayne at WARPSPEED.COM>  
>>Date: April 30, 2006 5:11:08 AM EDT To: Dewayne-Net Technology List  
>><dewayne-net at WARPSPEED.COM> Subject: [Dewayne-Net] Big holes in  
>>net's heart revealed Reply-To: dewayne at WARPSPEED.COM Big holes in  
>>net's heart revealed By Mark Ward Technology Correspondent, BBC  
>>News website Simple attacks could let malicious hackers take over  
>>more than one- third of the net's sites, reveals research. The  
>>finding was uncovered by researchers who analysed how the net's  
>>addressing system works. They also found that if the simple attacks  
>>were combined with so- called denial-of-service attacks, 85% of the  
>>net becomes vulnerable to take-over. The researchers recommended  
>>big changes to the net's addressing system to tackle the  
>>vulnerability at its heart. Site seizing When you visit a website,  
>>such as news.bbc.co.uk, your computer often asks one of the net's  
>>address books, or domain name servers, for information about where  
>>that site resides. But the number of computers that have to be  
>>consulted to find the computers where that site is located often  
>>makes sites vulnerable to attack by vandals and criminals, found  
>>Assistant Professor Emin Gun Sirer and Venugopalan Ramasubramanian  
>>from the Department of Computer Science at Cornell University.  
>>Professor Sirer told the BBC News website that, on average, 46  
>>computers holding different information about the components of net  
>>addresses are consulted to find out where each dotcom site is  
>>actually hosted. But, he said, this chain of dependencies between  
>>the computers that look after the different parts of net addresses  
>>creates all kinds of   vulnerabilities that clever hackers could  
>>easily exploit. "The growth of the internet has caused these  
>>dependencies to emerge," said Professor Sirer. "Instead of having  
>>to compromise one you can compromise any one of the three dozen."  
>>All the information gathered and analysed by the researchers has to  
>>be publicly available to keep the net's addressing system working.  
>>The research analysed information about almost 600,000 computers.  
>>The research also revealed that 17% of the servers that host the  
>>net's address books are vulnerable to attack via widely known  
>>exploits. "Because of these dependencies about one-third of the  
>>net's names are trivially compromisable by script kiddies," he  
>>said. One site vulnerable in this way was run by the FBI, said  
>>Professor. Sirer. Although the five computers that act as the first  
>>reference point for the fbi.gov domain were secure, one of the five  
>>that connect to these has yet to install a patch for a well-known  
>>bug. That computer was fixed after the Cornell team reported its  
>>findings to the FBI, but hundreds of thousands of sites suffer from  
>>similar problems. The most vulnerable net domain found by the  
>>survey was that of the Roman Catholic Church in the Ukraine.  
>>Criminals such as phishing gangs would be interested in re- directing traffic from well-known sites so they can grab key login  
>>and personal details that would help them de-fraud web users.  
>>[snip] Story from BBC NEWS: <http://news.bbc.co.uk/go/pr/fr/-/1/hi/ technology/4954208.stm> Published: 2006/04/28 13:58:07 GMT Weblog  
>>at: <http://weblog.warpspeed.com>  
>>------------------------------------- You are subscribed as  
>>patrick at isoc.lu To manage your subscription, go to http:// v2.listbox.com/member/?listname=ip Archives at: http:// www.interesting-people.org/archives/interesting-people/
>>_______________________________________________
>>Chapter-delegates mailing list
>>Chapter-delegates at elists.isoc.org
>>http://elists.isoc.org/mailman/listinfo/chapter-delegates
>
>
>
>
>
>_______________________________________________
>Chapter-delegates mailing list
>Chapter-delegates at elists.isoc.org
>http://elists.isoc.org/mailman/listinfo/chapter-delegates
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://elists.isoc.org/mailman/private/chapter-delegates/attachments/20060504/9a03fe54/attachment.htm>

More information about the Chapter-delegates mailing list