[dns-operations] DNS servers "probed" by people who want to kill the Internet?
rdobbins at arbor.net
Thu Sep 15 08:45:12 UTC 2016
On 15 Sep 2016, at 14:37, Stephane Bortzmeyer wrote:
> But is there a chance someone here knows more about it?
We tend to see a repeated cycle of between 18 and 36 months wherein
upper management and executives of some Internet-facing networks (both
enterprise and ISPs) gradually become aware of the unfortunate
operational reality of constant DDoS attacks - often as a result of a
successful DDoS attack which had a negative impact on the availability
of their organizations, or organizations within their vertical market
peer-group. Once they gain this new awareness, some become quite
alarmed, and make the assumption that they're being targeted
specifically - which may be true - and that the sophistication and size
of the attacks they're seeing are beyond the means of anyone but
state-sponsored actors - which is manifestly untrue.
This is perfectly understandable; it is a very serious situation, and is
quite disturbing for those who are just becoming acquainted with this
Hobbesian state of affairs on the global Internet. There's a high
degree of threat asymmetry in favor of the attackers - unless the
defenders take positive steps to alter that calculus in their own favor.
The abovementioned awareness cycle seemed to kick off about 4 months
ago; it of course takes time to reach its peak. We're now at the peak,
or near it, IMHO.
Roland Dobbins <rdobbins at arbor.net>
More information about the dns-operations