[dns-operations] new reflection attack
Roy Arends
roy at dnss.ec
Thu Oct 11 09:38:15 UTC 2012
On Oct 11, 2012, at 10:31 AM, Simon Munton wrote:
> From 2am (UTC) this morning we've been getting a reflection attack hitting mostly our node in LU, and a little on the one in RIPE.
>
> Its very easy to spot, its an ANY query for "." (ROOT), and has EDNS0 packet size declared is 9000
>
> Currently its below background noise, but be interested to know if others are seeing it.
>
> http://stats.cdns.net/public/0.0.0.1/001E68-37CBC9.html
>
> They are hitting pretty much all the IPs we use for hosting ccTLDs, so we wondered if they were simply going round & round the IPs in the ROOT zone.
Are you hosting the root zone?
Roy
More information about the dns-operations
mailing list