[dns-operations] Too Open (Was: OpenDNS makes your Internet work better
Rick Wesson
wessorh at ar.com
Tue Jul 11 16:47:11 UTC 2006
Roy Arends wrote:
> Imagine a recruited army of 50K clients, sending requests to a list of
> ORNs at a rate of 10K requests per client, all with the same spoofed
> source address asking for large responses (say the root NS set). This will
> cause a steady stream of 250K traffic to a victim. This is not theory.
> This caused major incidents.
I believe the folks behind OpenDNS identified this issue some time ago
and have put in place mechs to defend against such. I'm not sure if
David's ready for those defenses to be published but I'm sure they have
the heuristics to identify and defend against such abuse.
the guy isn't a newby.
-rick
More information about the dns-operations
mailing list