Discuss mailing list

[Guillaume Parent <gparent AT gparent.org>]

The incoming stream of queries isn't a problem, the outbound 10mbit+ stream is a problem. The block takes effect after 3 queries on my end and it gets stopped pretty much instantly.

On Mon, Apr 29, 2013 at 5:44 PM, mike <mike AT pikeaero.com> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/29/2013 05:37 PM, Guillaume Parent wrote:
> The tier 2 security page shows how to trivially defeat these
> attacks through netfilter. It is available on the wiki.
>

> The target is the source IP address, not isc.org <http://isc.org>.
>

I wouldn't say defeat, mitigate perhaps. The packets still arrive, and
with rotating banks of source IPs apparently, the mitigation does not
last long.

- --Mike


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJRfunCAAoJEA7EcEr0emgfE8cH/jPToUCn34O67+vCwGjSEgq8
JmY2JT9B22iqLe5CWbfxDhP4PvRl9YXbdOcLc2AFto1V7E/RGBCfERzfh+KIz/ij
ifFFcjwkgCKHyOMYT7tt899t2yjMekRCA1gRVPX11rMCVlm8wW6RpclkFhW7mIFt
13kY9q3p9uV8U8oQxBGr1DtblxaQlMOiseePKWNDeRsNnPyUWVQvgGjhUW9jMU5n
j4qvQt0Pr9tcReCOt8tcch/whjSVeHUelxvrHQNTWV6juqdvRhvKujO8oMbaOvjn
DI91zh0Bhaqgu8/PzKFE7jUI47FkPUSs3QEshU7/pmIIthqBx7lRz/ZLludprHA=
=0oA8
-----END PGP SIGNATURE-----

--------
You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org