[unisog] Experiences with PlanetLab

Greenberg, David A dgreenbe at iu.edu
Tue Feb 21 13:25:48 GMT 2006

Hash: SHA1

> some feedback as to what related security issues you've dealt with and

We have had some trouble with a slice that does DNS.  For example, in December 2005 when Sober.Y URLs were announced[1] we starting watching for them.  Our PlanetLab servers appeared to be requesting these URLs.  Our PlanetLab server admin tracked down the slice with PlanetLab support, and it turned out to be a slice that does distributed DNS resolution[2].  The "fix" was to block resolution of the URLs in the list.  I'm sure that a few compromised computers are still being masked by PlanetLab DNS, but (as I understand it) PlanetLab is not currently able to spend the resources tracking down these computers.  PlanetLab has been very responsive to our requests in general and we have not removed the offending slice, yet.

David Greenberg
Security Engineer
Indiana University
dgreenbe at iu.edu

[1] http://www.f-secure.com/weblog/archives/archive-122005.html#00000729
[2] http://codeen.cs.princeton.edu/codns/

Version: PGP Desktop 9.0.5 (Build 5050)


More information about the unisog mailing list