[dns-operations] First experiments with DNS dampening to fight amplification attacks

Michael Hoskins (michoski) michoski at cisco.com
Fri Oct 26 21:50:19 UTC 2012

-----Original Message-----

From: "sthaug at nethelp.no" <sthaug at nethelp.no>
Date: Friday, October 26, 2012 5:10 PM
To: "dns-operations at mail.dns-oarc.net" <dns-operations at mail.dns-oarc.net>
Subject: Re: [dns-operations] First experiments with DNS dampening to
fight amplification attacks

>>> What we have failed to do as an industry is create sufficient
>>> to make being a good net.citizen of higher benefit than the costs
>>> associated.
>> Speak for yourself. We do have ethics.
>Ethics alone are woefully inadequate for combatting spam, DDoS attacks
>etc. I strongly agree that economic incentives are needed - and they
>simply don't exist today.

fair enough, but some company's ethics actually motivate them to spend
capital on engineering and supporting communities which can be used to
provide economic incentives not to waste time spamming or DDosing (or to
minimize the gain from such attempts for those who will no doubt continue
to try).

ironport historically did that through efforts like senderbase and spamcop
(which fed intelligence into appliances sold for cash while simultaneously
being useful as community tools), and i can say cisco is investing even
more capital into harnessing the cloud and big data to extend similarly
intelligent "reputation" based capabilities across their product line.  in
the face of ipv6, such intelligence becomes more critical than ever.

no one is perfect, especially companies, and bureaucracy often moves
slower than we'd all prefer...but i sincerely don't believe there is an
evil plot to make the internet a bad place.  if we keep pushing in the
right direction, the ball of progress will move no matter how slowly.

	“Maybe everybody in the whole damn world's scared of each other.”
	―John Steinbeck, Of Mice and Men

More information about the dns-operations mailing list