[dns-operations] DNS attacks against FR/BE/NL resolvers of Internet access providers
Damian Menscher
damian at google.com
Mon Sep 14 20:23:16 UTC 2020
You say:
There are a great many public resolvers, the best known ones among which
> are operated by the major US corporations that have cornered a large
> proportion of Internet services and are often referred to as “GAFA” (from
> the initials of Google, Amazon, Facebook and Apple), or the “Big Four”.
Could you please share the IPs for the DNS resolvers operated by Amazon,
Facebook, and Apple? I'm trying to determine whether I'm simply unaware of
those three open recursives (and unable to find them via a search engine),
or if you're simply spreading FUD for political reasons.
Operationally, if you can share the victim IPs (and timestamp in UTC) of
the purported attack either publicly or with law enforcement, such attacks
can sometimes be traced.
Damian
On Mon, Sep 14, 2020 at 6:23 AM Stephane Bortzmeyer <bortzmeyer at nic.fr>
wrote:
> On 1 and 2 September 2020, several French IAPs (Internet Access
> Providers), including SFR and Bouygues, were "down". Their DNS
> resolvers were offline, and it does indeed seem that this was the
> result of an attack carried out against these resolvers.
>
>
> https://www.afnic.fr/en/resources/blog/about-the-attack-on-french-isps-dns-resolvers.html
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20200914/c7e9c33c/attachment.html>
More information about the dns-operations
mailing list