Scalable Infrastructure vs Large Problems, or OpenDNS vs Conficker
![Image](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyqmJryddNT1stYUnjuN6qUm3MDgaOW50YSNQvYja1l22c2YuCJWSrZOGbtAesyozXk50pYQmQXDlG9ee0gQEpS9ICD-7NHfnjPqmJMH-2FYrjt3ojqjsMpu82YcbgCSzWBLnV/s400/opendns_logo1.jpg)
After seeing Dan Kaminsky's talk at Black Hat DC last month, I blogged about the benefits of DNS' ability to scale to address big problems like asset management records . I've avoid talking about Conficker (except for yesterday ) since it's all over the media. Why mention DNS and Conficker in the same post? All of the commotion about Conficker involves one variant's activation of a new domain generation algorithm on 1 April. Until today no one had publicly announced the reverse engineering of the algorithm, but right now you can download a list of 50,014 domains that one Conficker variant will select from when trying to phone home starting 1 April. Some of the domains appear to be pre-empted: $ whois aadqnggvc.com.ua % This is the Ukrainian Whois query server #B. % Rights restricted by copyright. % % % .UA whois % Domain Record: % ============= domain: aadqnggvc.com.ua admin-c: CCTLD-UANIC tech-c: CCTLD-UANIC status: FROZEN-OK-UNTIL 200907010000