[dns-operations] "Poorly configured DNSSEC servers at root of DDoS attacks"

Stephane Bortzmeyer bortzmeyer at nic.fr
Fri Sep 2 12:38:20 UTC 2016

Previous message (by thread): [dns-operations] "Poorly configured DNSSEC servers at root of DDoS attacks"
Next message (by thread): [dns-operations] "Poorly configured DNSSEC servers at root of DDoS attacks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Sep 02, 2016 at 01:33:08PM +0100,
 Tony Finch <dot at dotat.at> wrote 
 a message of 33 lines which said:

> Dropping responses is likely to cause problems with legitimate ANY
> queries.

And it may help poisoning attacks (the spoofer no longer has a race
with the real server).

Previous message (by thread): [dns-operations] "Poorly configured DNSSEC servers at root of DDoS attacks"
Next message (by thread): [dns-operations] "Poorly configured DNSSEC servers at root of DDoS attacks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dns-operations mailing list