[dns-operations] Amplification attack today ?

Michael Monnerie michael.monnerie at it-management.at
Wed Feb 28 23:07:32 UTC 2007

On Mittwoch, 28. Februar 2007 16:23 Rob Thomas wrote:
> There is an  
> on-going 1.4Gbps DNS amplification attack using 175K open recursive  
> name servers, but it is hitting approximately three targets in the
> US.

Maybe someone should establish an RBL for bad DNS servers, and all root 
servers should block DNS queries from them? By this, you will for sure 
get the attraction of that servers admin, and they must fix their 
servers. It's a bit like RBLs for e-mails servers today, admins get to 
fix it quite quickly these days.

mfg zmi
// Michael Monnerie, Ing.BSc    -----      http://it-management.at
// Tel: 0676/846 914 666                      .network.your.ideas.
// PGP Key:        "curl -s http://zmi.at/zmi4.asc | gpg --import"
// Fingerprint: EA39 8918 EDFF 0A68 ACFB  11B7 BA2D 060F 1C6F E6B0
// Keyserver: www.keyserver.net                   Key-ID: 1C6FE6B0
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20070301/0a115422/attachment.sig>

More information about the dns-operations mailing list