[dns-operations] First experiments with DNS dampening to fight amplification attacks

Lutz Donnerhacke lutz at iks-jena.de
Mon Nov 5 15:58:29 UTC 2012

* Klaus Darilion wrote:
> Agreed. That's why I mentioned that our iptables based rate limiting 
> only mitigates the current ANY amplification attacks, not all kind of 
> attacks.

I did see some attacks with repeated DNSKEY queries. Dampening catched them.

More information about the dns-operations mailing list