[dns-operations] Too Open (Was: OpenDNS makes your Internet work better

Rick Wesson wessorh at ar.com
Tue Jul 11 16:47:11 UTC 2006

Roy Arends wrote:

> Imagine a recruited army of 50K clients, sending requests to a list of 
> ORNs at a rate of 10K requests per client, all with the same spoofed 
> source address asking for large responses (say the root NS set). This will 
> cause a steady stream of 250K traffic to a victim. This is not theory. 
> This caused major incidents.

I believe the folks behind OpenDNS identified this issue some time ago 
and have put in place mechs to defend against such. I'm not sure if 
David's ready for those defenses to be published but I'm sure they have 
the heuristics to identify and defend against such abuse.

the guy isn't a newby.


More information about the dns-operations mailing list