[dns-operations] EDNS with IPv4 and IPv6 (DNSSEC or large answers)

Roland Dobbins rdobbins at arbor.net
Mon Sep 15 10:40:40 UTC 2014

On Sep 15, 2014, at 3:25 PM, Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:

> It may be interesting against amplification attacks (although it seems everyone moved to NTP amplification attacks, abandoning the DNS).

Actually, this isn't really what we're seeing - ntp and SSDP and SNMP and chargen and tftp reflection/amplification attacks are all taking place *alongside* DNS reflection/amplification attacks, rather than supplanting them.  We sometimes see DNS reflection/amplification attacks mixed with ntp or SSDP in multi-vector reflection/amplification attacks, mainly in the gaming space.

Differing communities of 'interest', IMHO.

Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

                   Equo ne credite, Teucri.

    		   	  -- Laocoön

More information about the dns-operations mailing list