Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] letit2 [.] bit blacklist

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] letit2 [.] bit blacklist


Chronological Thread 
  • From: kevin <krattai AT gmail.com>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] letit2 [.] bit blacklist
  • Date: Wed, 19 Jul 2017 09:40:46 -0500

It's also not the responsibility of OpenNIC to shelter people operating
computers on the internet from protecting their systems from viruses,
etc. in the first place. A C&C won't be called by a system that isn't
infected. And a system that is protected won't be vulnerable to
infection.

Kevin

On Tue, 2017-07-18 at 15:01 -0500, Daniel Shirley wrote:
> Agreed its kind if what we do is to stand up to censorship
>
> On Jul 18, 2017 14:26, "Daniel Quintiliani" <danq AT runbox.com> wrote:
> Continue to resolve .bit domains. It's not anyone's job to
> police the Internet at the demands of strangers you've never
> met.
>
> --
>
> -Dan Q
>
>
> On Tue, 18 Jul 2017 17:11:25 +0100, Calum McAlinden
> <calum AT mcalinden.me.uk> wrote:
>
> > (sorry, I wrote this email earlier but accidentally sent it
> to Arthur
> > Garnier instead of the mailing list)
> >
> > Hi,
> >
> > I am the operator of the OpenNIC server which generates
> OpenNIC's .bit
> > zone from the blockchain.
> >
> > This is something that has been concerning me for awhile. I
> recently
> > became aware of malware developers are using OpenNIC T2
> servers in their
> > malware to resolve .bit domains which contain the IP address
> of command
> > and control servers.
> >
> > I had also been answering a several inquiries about zone
> updates over a
> > few months. Eventually I looked into the domains in question
> and what
> > they appear to be used for, which was C&C servers for
> malware.
> >
> > OpenNIC really has 3 options:
> >
> > - Continue resolving .bit domains known to be used for
> malware purposes,
> > in effect facilitating the distribution of malware
> >
> > - Blacklist these domains democratically, thus not being a
> true
> > representation of the names registered in the blockchain and
> raising
> > censorship issues
> >
> > - Drop the entire .bit zone
> >
> >
> > What are people's thoughts on this?
> >
> > Regards,
> > Calum
> >
> > On 18/07/17 15:49, Jonah Aragon wrote:
> > > You can probably blacklist that single domain for the time
> being as
> > > attack mitigation, but blacklisting any domain or TLD
> would make your
> > > Tier 2 no longer compatible with OpenNIC.
> > >
> > > But this is the reason we keep bringing up removing .bit
> entirely, from
> > > what I can tell it seems to bring much more trouble than
> it's worth, but
> > > maybe that's the cost of a successful alt-TLD. Perhaps we
> should revisit
> > > the .bit removal discussion.
> > >
> > > Look into rate limiting or ask for help on IRC if your
> server is under
> > > attack.
> > >
> > > Jonah
> > >
> > >
> > > On Tue, Jul 18, 2017, 4:22 AM Arthur Garnier
> <arthur AT arthurgarnier.fr
> > > <mailto:arthur AT arthurgarnier.fr>> wrote:
> > >
> > > Hello,
> > >
> > > My dedicated server provider (OVH.com) asked me,
> yesterday, to blacklist
> > > the domain "letit2.bit" because it's a domain used by
> a malware
> > >
>
> (https://malwarebreakdown.com/2017/06/06/relst-campaign-delivering-pony-downloads-chthonic/
> > > )
> > >
> > > After checking my logs from yesterday, this domain
> name has been
> > > resolved more than 125,000 times in 24 hours.
> > >
> > > Maybe we should blacklist this domain from an higher
> level than Tier2.
> > > Or it's against the policy ?
> > >
> > > Regards,
> > >
> > > Arthur
> > >
> > >
> > >
> > > --------
> > > You are a member of the OpenNIC Discuss list.
> > > You may unsubscribe by emailing
> > > discuss-unsubscribe AT lists.opennicproject.org
> > > <mailto:discuss-unsubscribe AT lists.opennicproject.org>
> > >
> > >
> > >
> > >
> > >
> > > --------
> > > You are a member of the OpenNIC Discuss list.
> > > You may unsubscribe by emailing
> discuss-unsubscribe AT lists.opennicproject.org
> > >
> >
> >
> > --------
> > You are a member of the OpenNIC Discuss list.
> > You may unsubscribe by emailing
> discuss-unsubscribe AT lists.opennicproject.org
>
>
>
>
>
>
> --------
> You are a member of the OpenNIC Discuss list.
> You may unsubscribe by emailing
> discuss-unsubscribe AT lists.opennicproject.org
>
>
>
>
> --------
> You are a member of the OpenNIC Discuss list.
> You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org





Archive powered by MHonArc 2.6.19.

Top of Page