Presentation is loading. Please wait.

Presentation is loading. Please wait.

Conficker Mitigation in .at

Published byChastity Barrett Modified over 6 years ago

Similar presentations

Presentation on theme: "Conficker Mitigation in .at"— Presentation transcript:

1 Conficker Mitigation in .at
OARC Amsterdam 2009 Workshop Otmar Lendl

2 I have two hats

3 The CERT.at Point of View
As a national CERT we want to: Protect our constituency Protect others from being attacked from Austria Reduce the amount of „badness“ in the Internet Thus: Let‘s block those domains. Use sinkhole data for warnings

4 The nic.at Point of View (1)
We are a registry. We‘re in a quasi-monopoly position. We’re doing it for the country The “land register” for the Austrian Internet That the ccTLD is run by a private company is not a given. The only thing domain-holders get from us are NS records in the .at zone.

5 The nic.at Point of View (2)
Our T&Cs only concern: The domain itself must not infringe rights. The owner information must be correct We don‘t care what people do with .at domains We can‘t be the arbiter on what’s allowed on the Internet and what not. If you have a complaint: Sue the owner. If you want us to remove a domain, get a clear and valid order from a court. Past jurisdiction (and not just in Austria) supports this approach.

6 No action should be taken by the Registry.
The nic.at conclusion: No action should be taken by the Registry. If we start to block domains because they might be used for something nefarious, we open a big can of worms. Typosquatting Phishing Scams That was the plan as of March, 27th 2009

7 AcoCERT (the CERT of the Austrian NREN) stepped up
What did we end up with? AcoCERT (the CERT of the Austrian NREN) stepped up Longstanding cooperation nic.at / Aconet / University of Vienna “Conficker Research Project” They run nameservers, sinkholes nic.at waived the registration fees We shared the sinkhole data NO change in the takedown procedures

8 Avoid crying wolf too often
Future This was an emergency People tend to help each other in emergencies Rules were bent This is not the “war on terror”: we will declare this emergency to be over rather soon Avoid crying wolf too often Registries will revert to their previous stance This is not the start of a new era The next worm will likely be ignored by the registries

Download ppt "Conficker Mitigation in .at"

Similar presentations

Trademark Considerations for Start-Ups The Benefits of a Strategic Approach.

Trademark Considerations for Start-Ups The Benefits of a Strategic Approach.
IDN TLD Variants Implementation Guideline draft-yao-dnsop-idntld-implementation-01.txt Yao Jiankang.

IDN TLD Variants Implementation Guideline draft-yao-dnsop-idntld-implementation-01.txt Yao Jiankang.
12-13 May 2014 Amsterdam, The Netherlands

12-13 May 2014 Amsterdam, The Netherlands
Developing Credit Insurance in Africa and the Mediterranean

Developing Credit Insurance in Africa and the Mediterranean
Some Comments on ccTLD Manager Local & Global Responsibilities Frank March Chair,.nz Oversight Committee (NZOC) (also IT & Telecoms Policy Group)

Some Comments on ccTLD Manager Local & Global Responsibilities Frank March Chair,.nz Oversight Committee (NZOC) (also IT & Telecoms Policy Group)
IPv6 Glue Why registrars need to support it Elise Gerich VP, IANA.

IPv6 Glue Why registrars need to support it Elise Gerich VP, IANA.
Governmental Advisory Committee New gTLD Program Briefing 19 June 2010.

Governmental Advisory Committee New gTLD Program Briefing 19 June 2010.
Cyber check Do you work safely and responsibly online? Do you know about the risks to your cyber security? What are your online responsibilities ? How.

Cyber check Do you work safely and responsibly online? Do you know about the risks to your cyber security? What are your online responsibilities ? How.
Unit 11 Communication & Collaboration.  Identify different communication methods  Identify advantages of electronic communication  Identify common.

Unit 11 Communication & Collaboration.  Identify different communication methods  Identify advantages of electronic communication  Identify common.
Acceptable Use Policy –The Acceptable Use Policy defines the rules of the machine and internet connection you are on. –Specific policies differ by machine.

Acceptable Use Policy –The Acceptable Use Policy defines the rules of the machine and internet connection you are on. –Specific policies differ by machine.
Advanced Civil Litigation Class 6Slide 1 Steps in Filing a Complaint First, the necessary complaint must be prepared. Make sure you attach the: First,

Advanced Civil Litigation Class 6Slide 1 Steps in Filing a Complaint First, the necessary complaint must be prepared. Make sure you attach the: First,
UK ENUM Jay Daley, Nominet UK. ENUM explained Nominet and ENUM.

UK ENUM Jay Daley, Nominet UK. ENUM explained Nominet and ENUM.
What is it and why should I care?

What is it and why should I care?
Registrars and Security Greg Rattray Chief Internet Security Advisor.

Registrars and Security Greg Rattray Chief Internet Security Advisor.
Cornell Institute for Digital Collections Intellectual Property: Introduction to Copyright Peter B. Hirtle Director Cornell Institute for Digital Collections.

Cornell Institute for Digital Collections Intellectual Property: Introduction to Copyright Peter B. Hirtle Director Cornell Institute for Digital Collections.
Working Party on Land Administration Athens Workshop May 28 - 31 2003 Theme 2 Legal Issues ‘Building a Land Registration System to support the Social and.

Working Party on Land Administration Athens Workshop May Theme 2 Legal Issues ‘Building a Land Registration System to support the Social and.
Comment on GAC Proposal for Protection of Geographic Names in New gTLDs Presentation by IBCA Internet Business Council for Africa (IBCA)

Comment on GAC Proposal for Protection of Geographic Names in New gTLDs Presentation by IBCA Internet Business Council for Africa (IBCA)
8 Safety Rules to keep YOU safe! Get clear answers and instructions. If you don’t understand how to do the work, it’s okay to ask questions. With clear.

8 Safety Rules to keep YOU safe! Get clear answers and instructions. If you don’t understand how to do the work, it’s okay to ask questions. With clear.
COPYRIGHT, LEGAL ISSUES & TAKEDOWN. 2 Work priorities 2014-15 Orphan Works ALRC review Copyright and the Digital Economy Creative Commons licenses Legal.

COPYRIGHT, LEGAL ISSUES & TAKEDOWN. 2 Work priorities Orphan Works ALRC review Copyright and the Digital Economy Creative Commons licenses Legal.
Financial Institutions, Checking Accounts, and Credit Lesson 3.

Financial Institutions, Checking Accounts, and Credit Lesson 3.

Similar presentations

Ads by Google