Although one could imagine using fast-flux to obfuscate who is hosting a tasted monetization page, it hardly seems worth the trouble. For those who are not familiar with fast flux, there are number of interesting articles about it. http://www.theregister.com/2007/07/11/fast_flux_botnet/page2.html http://www.securityfocus.com/news/11473/2 http://www.honeynet.org/papers/ff/fast-flux.html The first two are short, the last one isn't. Alan At 10/08/2007 02:14 PM, Robert Guerra wrote:
There's an interesting discussion taking place on the SSAC list in regards to the fast flux issue.
Here's a recent comment from the SSAC list -
Domain tasting is an optimisation of the domain name monetisation business model, where a registrant earns money from PPC ads placed on a parked webpage. For monetisation you don't actually want to change the DNS information often.
Fast Flux is more associated with using a domain name for an email address or URL that has been used in SPAM email. Due to the millions of emails that are floating around there is value in ensuring that the domain name used is not shut-down prematurely. Thus those involved will try to make the WHOIS and other more visible information as legitimate looking as possible (stopping the registrar shutting down the domain), but bounce the hosting of the email or website amongst various locations to avoid a hosting company or ISP shutting down the service at the source - or blocking the offending IP address at the entry point to a service providers network.
Any comments?
regards,
Robert --- Robert Guerra <rguerra@privaterra.ca> Managing Director, Privaterra Tel +1 416 893 0377
_______________________________________________ ALAC mailing list ALAC@atlarge-lists.icann.org http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org
At-Large Official Site: http://www.alac.icann.org ALAC Independent: http://www.icannalac.org