[dns-operations] DNS attacks against FR/BE/NL resolvers of Internet access providers
Yasuhiro Orange Morishita / 森下泰宏
yasuhiro at jprs.co.jp
Tue Sep 15 09:20:27 UTC 2020
Hi Stephane-san,
I've read the article. I am suspecting the attack vector is random
subdomain attacks via bad CPEs, they acts open resolvers and
forwarding queries to ISP's resolvers.
Possibly, the real target domain name was exist and the attackers
tried to down the auth servers of the domain.
-- Orange
From: Stephane Bortzmeyer <bortzmeyer at nic.fr>
Subject: [dns-operations] DNS attacks against FR/BE/NL resolvers of Internet access providers
Date: Mon, 14 Sep 2020 15:14:59 +0200
> On 1 and 2 September 2020, several French IAPs (Internet Access
> Providers), including SFR and Bouygues, were "down". Their DNS
> resolvers were offline, and it does indeed seem that this was the
> result of an attack carried out against these resolvers.
>
> https://www.afnic.fr/en/resources/blog/about-the-attack-on-french-isps-dns-resolvers.html
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>
More information about the dns-operations
mailing list