Both of the most successful attacks weren't even targeted on the site itself, but on DNS servers for the site. I don't understand --- WHY do these things even exist anymore? There are 4,294,967,296 conceivable four-byte domain names, with a sizable fraction disqualified technically. Four bytes - thus 17,179,869,184 total, 17 Gigs, are sufficient to give the IP lookup for EVERY SINGLE NAME ON EARTH (except high-tech countries like China, but we'll let them figure out a solution on their own).

So why the heck don't we just have dinky 20 Gigabyte hard drives floating around every ISP, prefilled with Last Known Lookups for every IP address on Earth? Sure -- I know some are dynamic and you have to look them up every time, but that special feature should only be the worry of those willing to take the risk to use it. I think the average business would sooner accept not being able to effortlessly shift between servers every five seconds than accept sharing ten percent of their take with the Russian Mafia.

Updating the IP addresses, if not done by target servers, could still be done by some TOR-like anonymous process, with the IP address holders using public keys to ensure control over their blocks. Spammers could send crap into some node on the network, but if the public keys don't match up it wouldn't go any further, and anyone could access any node.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11392/34675#34675