Home page logo
/

nanog logo nanog mailing list archives

Re: Tightened DNS security question re: DNS amplification attacks.
From: Leen Besselink <leen () wirehub nl>
Date: Wed, 28 Jan 2009 21:53:15 +0100

----- Original Message -----
From: "aljuhani" <info () linuxmount com>
Subject: Re: Tightened DNS security  question re: DNS amplification
        attacks.
To: "nanog" <nanog () merit edu>

Well the RBLs, in using dns queries, is another form of legal DDoS attacks, mainly when the
suddenly cease to respond or re-configure to black-list the entire wold.   One should just
imagine the bandwidth consumption during a
+given time-frame, RBLs consume as oppose to volume of spam messages.


If you folks are really serious about this, can I suggest using BGP for this ? Maybe a
multi-hop BGP-session like Team Cymru already has for bogons [0]. With different communities
for different types of traffic that should be dropped.

That way you, the network operator, could choose what you what to drop and how.

They are already a pretty trusted party if people actually use these bogon-sessions.

Might it actually be a structural solution ? Atleast if I didn't forget something important.

[0] http://www.team-cymru.org/Services/Bogons/routeserver.html

----- Original Message -----
From: "Frank Bulk" <frnkblk () iname com>
To: "'Paul Vixie'" <vixie () isc org>; <nanog () merit edu>
Sent: Wednesday, January 28, 2009 18:02
Subject: RE: Tightened DNS security question re: DNS amplification attacks.


| Pretty soon we need an RBL for DNS-oriented DDoS attacks. =)
|


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault