[dns-operations] Amplification attack today ?

Lutz Donnerhacke lutz at iks-jena.de
Mon Mar 5 08:17:11 UTC 2007


* Michael Monnerie wrote:
> That's what I mean. It has to be transported over media into the admins'
> ears and brains, that you will be blacklisted if your DNS setup is crap.

Who determines a configuration as "crap"? Blacklists and blocking are a
classical technical solution to a classical social problem and therefore
will not work at all.

I personally get blacklisted every few days, because I host anti-spam
resources. And because some (larger) German ISPs link to these resources
in their autoresponse messages, the classic American anti-spam fighters
consider the autoresponse as spam itself, because it's written in German.
Voilà: My AS is listed as bulletproof spammer hosting.

It took years to convince companies like Sony to drop blacklisting on mail,
because of such erroneous reports. I do not fix the blacklists anymore;
I tell the blacklist users that the blacklists are evil (as they are).

If you consider blocking root servers or BGP on blacklists, I must strongly
oppose. Otherwise you will build an "Internet for Joe User" and the real
business has to switch to a different infrastructure (i.e. alternative root
servers), because they can't fight the militant "anti-" fighters.

