[unisog] Experiences with PlanetLab

Greenberg, David A dgreenbe at iu.edu
Tue Feb 21 13:25:48 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> some feedback as to what related security issues you've dealt with and

We have had some trouble with a slice that does DNS.  For example, in December 2005 when Sober.Y URLs were announced[1] we starting watching for them.  Our PlanetLab servers appeared to be requesting these URLs.  Our PlanetLab server admin tracked down the slice with PlanetLab support, and it turned out to be a slice that does distributed DNS resolution[2].  The "fix" was to block resolution of the URLs in the list.  I'm sure that a few compromised computers are still being masked by PlanetLab DNS, but (as I understand it) PlanetLab is not currently able to spend the resources tracking down these computers.  PlanetLab has been very responsive to our requests in general and we have not removed the offending slice, yet.

David Greenberg
Security Engineer
Indiana University
dgreenbe at iu.edu

[1] http://www.f-secure.com/weblog/archives/archive-122005.html#00000729
[2] http://codeen.cs.princeton.edu/codns/


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.5 (Build 5050)

iQA/AwUBQ/sU3L/X4g6IKEECEQKiiQCfRM5jiM5k0RlrSl0fGj9f/HF1+GkAoNwQ
qJKsLBkaEIPamgyp7xoTdS4N
=656f
-----END PGP SIGNATURE-----




More information about the unisog mailing list