On Wed, 18 Aug 2004, Roy Arends wrote:

> I don't, I'd enumerate them thru nsec. Call me lazy.


It won't be too long before some Registry coddles up a nameserver that
detects nsec/other-based enumuration query trends, and starts dynamically
inserting bogus records to lead the attacker through a twisted trail of
normally-non-existent domains (ala web page scripts that provide lots of
bogus email addresses to fill a scrapper's database with crap).

Has all sorts of connotations ala sitefinder, but as a next escalation
path, it'd work.

--==--
Bruce.

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: