[dns-operations] FreeBSD and the slaving of the root zone

Roland Dobbins rdobbins at cisco.com
Tue Jul 31 17:45:36 UTC 2007

On Jul 31, 2007, at 10:36 AM, David Conrad wrote:

> - DDoS attacks against the root servers would have less impact

Only DDoS attacks whose targeting values were derived in a certain  
manner would have less impact on the actual roots (one assumes the  
mechanism in question doesn't involve IGP/iBGP 'hijacking' of the IPs  
of the actual roots, as that would create many other problems).  And  
in terms of the impact on users, which is more likely to have a  
negative impact, an attack against the actual roots themselves, with  
all the various protection mechanisms and technical talent and wide  
visibility associated with them, or a sustained attack against a  
local instance which may not have much in terms of capacity,  
geographical dispersion, mitigation mechanisms, and technical talent  
associated with it?

Roland Dobbins <rdobbins at cisco.com> // 408.527.6376 voice

	Culture eats strategy for breakfast.

            -- Ford Motor Company

More information about the dns-operations mailing list