Surgery for the rotten heart of the Internet?

Today was the deadline for comment on the ICANN consultation  on the Initial Report on Fast Flux Hosting. This is the “technology” used by spammers, phishers, botnet herders, denial of service extortionists and cyberwarfare practioners around the world. It also has some, but not that many and decreasing, legitimate uses. ICANN meets in London next week to discuss what comes next.  

The report is surprisingly easy to read although I recommend you begin with the orginal statement of the problem, then read the comments and then read the report – some of which is disingenuous in the extreme.

The reality is that a significant part of the “Internet establishment” has no wish to take action. The current situation is far too profitable for too many players, including the suppliers of reactive security  (e-sticking plaster and e-immodium ) as well as those actively engaged in malpractive and cyberwarfare on both sides of the Oceans: Pacific and Atlantic.

However time has run out. On Tuesday I attended the the UK Internet Governance Forum report back from the IGF meeting in Hyderabad.

Unless ICANN has shown, by the time of the next Internet Governance Forum meeting, in Egypt, that it can take a lead in helping ensure effective action, then the way will be clear for the ITU to do it for them, backed by Governments, Victims, Law Enforcement Agencies et al around the world.

I also think it highly unlikely that the US Government will even try to stop them.

The abuse of Fast Flux is now costing business, including Telcos and legitimate ISPs, far too much.

That will be a great pity, because the result will almost certainly be second best, if it works at all …

I joined ISOC back in 1995 after a presentation where I was told that, provided the Atlanta Olympics (the first big civilian commercial test bed) worked, we faced a rush to re-engineer the Internet and the comms structure which carries it, before they collapsed under overload as the commercial and consumer markets took off.

But the three big challenges were security, security and security.

I was told that ISOC (The Internet Society) had problems but would eventually grow into the self-governing body that the Internet needed in order to head off state control.

The achievements since then have been incredible – but the glacial progress in addressing the situation than enables fast flux and the excuses for not doing so, indicate an inexcusable institutional failure at the heart of Internet Governance.

ISOC failed and was succeeded by the Internet Governance Forum. Next week will see whether ICANN recognises the scale of the threat to its existance and is capable of taking action.

If not ….    

P.S. Added 14/2/2009: My attention has just been drawn to the ICANN press release on their co-operation with Microsoft disrupt the Conflicker Worm. Perhaps the next couple of days will be rather more productive than I had feared. I glad to respond to suggestion that I make clear that the main change needed is to do with the behaviour of those in the domain name registration supply chain. Once again “its the wetware stupid”: the people processes and motivations rather than the “mere” technology. I should also say that I got my dates wrong. I c elbrated Valentines Day on Thursday when the Restaurants were less full. The deadline for inputs to the ICANN consultation is the 15th

 

 

Join the conversation

2 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

I am wondering why an ISP couldn't just examine DNS reply packets, and redirect (or even drop) anything that has a sufficiently short TTL. Why do we need to wait for the standards organizations to have all of these damned meetings and discuss this to death.

If enough ISPs blocked short TTL DNS replies, the botnets would be cut off from oxygen, and the bot herders would be forced out more into the open.

Cancel
I wish I would be allowed to demonstrate just how bad fast/flux is...

I can see how fast/flux works in real time, and this can be demonstrated using LIVE data, on REAL web sites NOW....

This technology combined with falsified domain registration, random re-registration, or using deleted/blocked/expired/frozen/banned or otherwise "do not use" domains on a regular basis, is rapidly spreading fraud on the internet.

A day does not go by where I do not get a call from someone who accidently fell for one of these scams, and had to have their computer reloaded due to this ongoing rampant problem.

Cancel

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close