[dns-operations] First experiments with DNS dampening to fight amplification attacks

Tony Finch dot at dotat.at
Fri Sep 28 14:41:35 UTC 2012

Mark Andrews <marka at isc.org> wrote:
> Server cookies are the way to go though I would add timestamps so
> that server secrets don't need to be changed.  The time stamp would
> have to be within X seconds of the servers current concept of time
> or it will be treated as a bad cookie.  The time would be concatenated
> to the rest of the data to be hashed.

Are you referring to this?

f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first.
Rough, becoming slight or moderate. Showers, rain at first. Moderate or good,
occasionally poor at first.

More information about the dns-operations mailing list