[dns-operations] [dDoS] Good discussion on the Rackspace attack and DNS resiliency
alex at mordormx.net
Fri Dec 26 18:01:55 UTC 2014
Very nice and detailed report, I have learned a lot of it!
Alejandro Flores Lopez
On Dec 26, 2014 11:56 AM, "Damian Menscher" <damian at google.com> wrote:
> On Fri, Dec 26, 2014 at 9:27 AM, Anthony Eden <anthony.eden at dnsimple.com>
>> We published an incident report after our outage:
>> I have not yet seen an incident report from Rackspace.
> Thank you for posting that (I'd forgotten I'd seen it). And thank you for
> the detailed report, not just describing the root cause (DDoS on DNS
> servers), but also revealing traffic type and volume (random subdomain
> attack at 50Mpps/25Gbps) and your internal procedure for responding to it
> (black-box monitoring to detect the outage, post status notice after 10
> minutes, assemble team via a Hangout after 20 minutes, try various
> technical mitigations, etc). This level of detail is rare in a public
> report, but greatly appreciated. Hopefully others will learn from your
> On Fri, Dec 26, 2014 at 2:02 AM, Damian Menscher <damian at google.com>
>>> Has anyone seen details of the attack styles or volumes? It would be
>>> helpful to share attack knowledge with the community so others know what to
>>> prepare for.
>>> On Wed, Dec 24, 2014 at 1:56 AM, Stephane Bortzmeyer <bortzmeyer at nic.fr>
>>>> After the successful attacks against Rackspace, Namecheap, DNSsimple
>>>> and 1&1, it is clear that dDoS attacks against DNS servers are very
>>>> common this winter, and they succeed :-(
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> dns-jobs mailing list
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dns-operations