Home page logo

nanog logo nanog mailing list archives

Re: DNS Attacks
From: Joel M Snyder <Joel.Snyder () Opus1 COM>
Date: Sat, 18 Feb 2012 14:41:39 -0700


Quoting the FBI: through through through through through through

Solve said problem easily by destination NATing those IPs on 53/UDP/TCP to your own recursive servers, or dump them on Google at if you're so inclined. Extra bonus result: NAT logs will show who needs a pleasant email from customer service.

Or you could just let 'em[1] suffer, BoFH-style.


[1] "'em" in this case is "your customer service reps" who will see a 'higher than normal call volume' should the FBI's warning mean anything.

Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719
Senior Partner, Opus One       Phone: +1 520 324 0494
jms () Opus1 COM                http://www.opus1.com/jms

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]