discuss AT lists.opennicproject.org
Subject: Discuss mailing list
List archive
- From: Kenny Taylor <kennytaylor AT runbox.com>
- To: discuss AT lists.opennicproject.org
- Subject: Re: [opennic-discuss] DoS amp attack today
- Date: Mon, 15 Apr 2013 22:35:26 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Most of those lookups would be served from the client's DNS cache, according
to each record's TTL, I think. Most TTLs seem to be at least 5 min, so each
hostname would produce a max of 1 query every 5 min.
Kenny
subhuman <discipline AT gmx.net> wrote:
>On Mon, 15 Apr 2013 22:31:03 -0600
>Jeff Taylor <shdwdrgn AT sourpuss.net> wrote:
>
>> Rate-limiting is the best first-step in this game. Even if you can't
>> prevent your server from being used in an attack, you can at least
>> greatly limit the actual damage being done to yourself and the
>intended
>> target. I would highly recommend that ALL public DNS servers
>implement
>> some manner of rate limiting.
>>
>might not a simple rate limiting cause problems with some clients?
>browsers for example fire lots of requests at almost the same time in
>order to get the contents as quickly as possible. would this include
>dns-lookups?
>
>maybe a silly question. if so, forget it. ;-)
>
>--martin
>
>--
>The only cure to the evils of Democracy is more Democracy.
>
>
>--------
>You are a member of the OpenNIC Discuss list.
>You may unsubscribe by emailing
>discuss-unsubscribe AT lists.opennicproject.org
-----BEGIN PGP SIGNATURE-----
Version: APG v1.0.8
iQJDBAEBCAAtBQJRbOMeJhxLZW5ueSBUYXlsb3IgPGtlbm55dGF5bG9yQHJ1bmJv
eC5jb20+AAoJELOordj4VKFQaOUQAMNmqxJKm34yF3RbwGpof+ydpRjfFUGIZuwA
saRdXPrG7IuN8wboGNHKv3vAPYxKaGj0CDBzcYoGbqKoH0X1q7nOKFEze4KDElfI
hUGTEajx1Iq61+ytrKaJdNPOogAADKJTHtDuK5H0eZoGkrVKOyesJCXBkuljEa7A
FW+YpWmlRh820nV8ktIfOEiSmU9wxrfw3cjLq7d2LvsMbZBIkT/hED41pGmUOImS
igJU7i2MQwj4YhW6MPOxfaX7IjyoWuPIkeBT2rh7Dl7D2BoBPVU74CuShuACI62+
gO9n02B5KtCA9MvfOOrK0QtS8F+gQ8jVtCaXeT6AQAWkd0yZnxqUiLWqPJB3PvGO
2Asm3ST06+T8w3l9aY+vEFfJum4AGn9+mPbocBF/c3K0ribVFhwG0q4ljCfb3sTq
TAiZYUSYzP0m1acvMwSbQ7P/RB17i7g5wFEV/D3au0D8aYQduRgbvt5Vd21yjsl3
KVQV4RyJD2dGMtmrS6atP/YvH3ajtQwiAchlWdXV5mnWHb/GllImfqIDgoBgOFB6
rtM9yCdb1dfWh9L+lP6zDdF1v5HiUN25/ILEaH5loWNTOIN4m9whBxS86oMu+tXb
/cq4FdexaRk5WjAXRRzM3v91m/TpFsz5UseKYJo6n2DoNwsZuwr9kOQwmZ6PiVOu
DrwJypjU
=ONmf
-----END PGP SIGNATURE-----
- Re: [opennic-discuss] DoS amp attack today, (continued)
- Re: [opennic-discuss] DoS amp attack today, Kenny Taylor, 04/18/2013
- Re: [opennic-discuss] DoS amp attack today, Killman BOFH, 04/18/2013
- Re: [opennic-discuss] DoS amp attack today, mike, 04/18/2013
- Re: [opennic-discuss] DoS amp attack today, Killman BOFH, 04/18/2013
- Re: [opennic-discuss] DoS amp attack today, Guillaume Parent, 04/18/2013
- Re: [opennic-discuss] DoS amp attack today, Alex M (Coyo), 04/18/2013
- Re: [opennic-discuss] DoS amp attack today, Jeff Taylor, 04/18/2013
- Re: [opennic-discuss] DoS amp attack today, Killman BOFH, 04/18/2013
- Re: [opennic-discuss] DoS amp attack today, Kenny Taylor, 04/18/2013
- Re: [opennic-discuss] DoS amp attack today, Kenny Taylor, 04/16/2013
- Re: [opennic-discuss] DoS amp attack today, Jeff Taylor, 04/16/2013
- AW: [opennic-discuss] DoS amp attack today, Uwe (ML) Kiewel, 04/16/2013
Archive powered by MHonArc 2.6.19.