[EURO-Discuss] FW: Transmittal of SAC 025 to ALAC

At-Large Staff staff at atlarge.icann.org
Tue Mar 11 17:50:13 EDT 2008

Dear At-Large community members:

We have the pleasure of providing the attached for your review.

------ Forwarded Message
From: Dave Piscitello <dave.piscitello at icann.org>
Date: Tue, 11 Mar 2008 12:00:49 -0700
To: Nick Ashton-Hart <Nick.Ashton-Hart at icann.org>, <rguerra at privaterra.ca>,
<vanda at uol.com.br>, <cheryl at hotek.com.au>
Cc: Steve Crocker <steve at shinkuro.com>
Subject: Transmittal of SAC 025 to ALAC
12 March 2008
Transmittal of SAC025: Fast Flux Hosting and DNS to the ALAC
At the direction of the ICANN Board of Directors, the Security and Stability
Advisory Committee invites the ALAC to consider the accompanying Advisory,
SAC 025: Fast Flux Hosting and DNS.

A PDF of the Advisory may be downloaded from the ICANN web site at


Cyber-criminals and Internet miscreants use Fast Flux hosting to frustrate
anticrime efforts aimed at locating and shutting down web sites used for
illegal purposes. Fast flux hosting supports a wide variety of cyber-crime
activities (fraud, identity theft, online scams) and is considered one of
the most serious threats to online activities today. One variant of fast
flux hosting, "double flux", exploits the domain name registration and name
resolution services.
SAC 025 describes the technical aspects of fast flux hosting and fast flux
service networks and explains how the DNS is exploited to abet criminal
activities that employ fast flux hosting. The Advisory discusses current and
possible methods of mitigating fast flux hosting at various points in the
Internet and identifies those methods that SSAC considers practical and
SSAC asks that the ALAC consider in particular the Section entitled Shut
Down the fast flux hosts, where measures to reduce the number of hosts that
attackers can compromise and use in fast flux attacks are discussed. While
these measures alone cannot eliminate fast flux hosting, they can greatly
improve the overall Internet security baseline if implemented broadly and
We thank you in advance for your time and consideration.

David Piscitello
ICANN Senior Security Technologist,
On behalf of the SSAC

------ End of Forwarded Message

More information about the EURO-Discuss mailing list