discuss AT lists.opennicproject.org
Subject: Discuss mailing list
List archive
- From: Julian DeMarchi <julian AT jdcomputers.com.au>
- To: OpenNIC Discuss <discuss AT lists.opennicproject.org>
- Subject: [opennic-discuss] DDOS, open resolvers, how to solve?
- Date: Wed, 30 Oct 2013 09:43:55 +1000
heya--
OpenNIC project for the last 2 or so years has had major issues with
DDOS and abuse traffic. Some members have tried to solve this by
monitoring their logs and creating scripts to catch such abuse. However,
when the problem has started it is hard to curtail. You block, but the
traffic still comes and uses bandwidth.
I think the time has come for OpenNIC to no longer have open resolvers
and move to a subscription based service. My idea would be to have an
OpenNIC sponsored site which IPs could be registered to allow them to
talk to our pool of T2 servers. Registered IPs would then have a
subdomain created like, $ip.white.opennic.glue. white indicates whitelist.
We have had scripts before which block the first DNS attempt, then
checks if the IP is authorized then will add them to the allow list
dynamicly in bind. I think the theory here would be, the script would
check if the domain 127.0.0.1.white.opennic.glue exists, if it does, add
to the allow list.
Any registered IP will not be assoicated to any user at all, so no
information can be gathered from our user base.
Thoughts, ideas?
--julian
- [opennic-discuss] DDOS, open resolvers, how to solve?, Julian DeMarchi, 10/29/2013
- Re: [opennic-discuss] DDOS, open resolvers, how to solve?, A.J. Maurin, 10/29/2013
- Re: [opennic-discuss] DDOS, open resolvers, how to solve?, Julian DeMarchi, 10/29/2013
- Re: [opennic-discuss] DDOS, open resolvers, how to solve?, A.J. Maurin, 10/29/2013
- Re: [opennic-discuss] DDOS, open resolvers, how to solve?, A.J. Maurin, 10/29/2013
- Re: [opennic-discuss] DDOS, open resolvers, how to solve?, Zach Gibbens, 10/29/2013
- Re: [opennic-discuss] DDOS, open resolvers, how to solve?, Julian DeMarchi, 10/29/2013
- Re: [opennic-discuss] DDOS, open resolvers, how to solve?, A.J. Maurin, 10/29/2013
- Re: [opennic-discuss] DDOS, open resolvers, how to solve?, Guillaume Parent, 10/29/2013
- Re: [opennic-discuss] DDOS, open resolvers, how to solve?, Zach Gibbens, 10/29/2013
- Re: [opennic-discuss] DDOS, open resolvers, how to solve?, Zach Gibbens, 10/29/2013
- Re: [opennic-discuss] DDOS, open resolvers, how to solve?, A.J. Maurin, 10/29/2013
- Re: [opennic-discuss] DDOS, open resolvers, how to solve?, Julian DeMarchi, 10/29/2013
- Re: [opennic-discuss] DDOS, open resolvers, how to solve?, A.J. Maurin, 10/29/2013
- Re: [opennic-discuss] DDOS, open resolvers, how to solve?, Julian DeMarchi, 10/29/2013
- Re: [opennic-discuss] DDOS, open resolvers, how to solve?, A.J. Maurin, 10/29/2013
Archive powered by MHonArc 2.6.19.