Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] DDOS blocking

discuss AT

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] DDOS blocking

Chronological Thread 
  • From: Jeff Taylor <shdwdrgn AT>
  • To: discuss AT
  • Subject: Re: [opennic-discuss] DDOS blocking
  • Date: Thu, 04 Apr 2013 15:05:49 -0600

There isn't really a resolution for the problem. The packets are
spoofed, we can't just block all the requested IP addresses. However by
blocking the specific type of packet, when we know it shouldn't be
coming through, we can at least prevent our own servers from responding
to the queries and contributing to the problem of amplification
attacks. What more do you think we can do from our side?

On 04/03/2013 08:25 AM, Aaron J. Angel wrote:
>> I'm starting to wonder if we should make it a policy to drop all ANY
>> requests? It seems that is the key factor behind all of these attacks,
>> and other than the servers talking between themselves, I don't know of
>> any use a client would have for such a query.
> This doesn't resolve the problem, it just covers it up a portion of
> it.

Archive powered by MHonArc 2.6.19.

Top of Page