[dns-operations] DNSbomb attack

Geoff Huston gih at apnic.net
Tue May 28 23:51:12 UTC 2024


> On 29 May 2024, at 12:55 AM, John Levine <johnl at taugh.com> wrote:
> 
> It appears that Ondřej Surý <ondrej at sury.org> said:
>> I don’t know why you are trying to create rift where there’s really none.
> 
> I suspect that I am not the only person who is getting a wee bit tired
> of papers that say OMG MOST AWFUL DNS FLAW EVER! INTERNET WILL
> COLLAPSE! MUST CHANGE ALL RFCS! and the authors send out press
> releases, when in fact it should say "here's a DNS attack that was
> described a decade ago but isn't yet patched everywhere" or at most
> "here's yet another amplification attack you should defend against."
> 
> I realize it can be a challenge to get conference papers accepted but
> that's not our problem.


Yup - totally agree John. I tried to point out to the folk on the keytrap bandwagon that the
exploit was documented first some years ago, but was completely drowned out
by the hysterical fanfare of "we found a weakness in DNS behaviour! Aren't
we clever!"

I appreciate that testing widely used software for vulnerabilities is valuable work,
but turning the effort into some bizarre circus sideshow does nobody any favours
at all.

Geoff