[dns-operations] Limiting DNSSEC-based amplification attacks (Was: Weird TXT record
Dobbins, Roland
rdobbins at arbor.net
Mon Jun 27 04:33:20 UTC 2011
On Jun 25, 2011, at 12:26 AM, John Kristoff wrote:
> In my experience, that is only the attack profile I've seen too, but I don't think we can count on miscreants to conform to past profiles.
This is generally true of queries intended to elicit a DNS reflection/amplification attack, sure - it's generally a specific /32 that's being targeted by a given attack (not always, but generally speaking).
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
The basis of optimism is sheer terror.
-- Oscar Wilde
More information about the dns-operations
mailing list