Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] DoS amp attack today

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] DoS amp attack today


Chronological Thread 
  • From: Jeff Taylor <shdwdrgn AT sourpuss.net>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] DoS amp attack today
  • Date: Tue, 16 Apr 2013 14:57:37 -0600

It sounds great, and for many people this would be a good solution...
Except that from what I'm reading, the only way to get it is to compile
the bleeding-edge BIND, which most people aren't going to do.

The other issue I see is that this is a BIND-only solution. What about
those of us who use dedicated firewalls and don't want the excessive
traffic flooding our internal networks? I prefer to stop as much
garbage as possible at the firewall, then use BIND based solutions as a
backup to catch whatever else gets through.


On 04/16/2013 12:53 AM, Stefan Sabolowitsch wrote:
> Hi guys.
> Why do you make your life not something easier?
> rate-limit and anti-spoof are OK and important, but what really helps is
> DNS dampening.
>
> http://lutz.donnerhacke.de/eng/Blog/DNS-Dampening
>
> It will be as a plugin in the upcoming release of Bind v10.
>
>
>
> http://bind10.isc.org/ticket/2840
>
> It's really works, look here "5.1k Dampening" requests per second
> http://www.pic-upload.de/view-18968967/DNS_Dampening.png.html
>
>
> should someone need help, just ask me maybe i can help here.
>
>
> Regards,
> Stefan
>



Archive powered by MHonArc 2.6.19.

Top of Page