discuss AT lists.opennicproject.org

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] DDOS, open resolvers, how to solve?

From: Christopher <weblionx AT gmail.com>
To: discuss AT lists.opennicproject.org
Subject: Re: [opennic-discuss] DDOS, open resolvers, how to solve?
Date: Wed, 30 Oct 2013 00:37:50 -0400

So they're specifically DDoS'ing our servers now, not just using them
for attacks? Or if these are used to attack others, how does that
work? (If this is off topic I can ask in IRC tomorrow).

On Wed, Oct 30, 2013 at 12:32 AM, Julian DeMarchi
<julian AT jdcomputers.com.au> wrote:
> On 10/30/2013 02:24 PM, Christopher wrote:
>> I don't suppose anyone would know how possible it is to make an OS use
>> TCP connections for DNS? That way the DNS server could only listen on
>> TCP which negates most DDoS attacks I've read about here (DNS request
>> with spoofed source to reflect packets). I suppose the easiest way
>> would to be to run a local resolver/proxy that can use TCP. Would this
>> help at all or are there other attacks?
>
> The attacks in question work becuase they use TCP. The trick for the
> attackers is to request a record that is over 4096 bytes and this is in
> the wild now.
>
> --julian
>
>
>
> --------
> You are a member of the OpenNIC Discuss list.
> You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org

Re: [opennic-discuss] DDOS, open resolvers, how to solve?, (continued)
- Re: [opennic-discuss] DDOS, open resolvers, how to solve?, Tim G, 10/29/2013
  - Re: [opennic-discuss] DDOS, open resolvers, how to solve?, A.J. Maurin, 10/29/2013
- Re: [opennic-discuss] DDOS, open resolvers, how to solve?, Daniel Quintiliani, 10/29/2013
  - Re: [opennic-discuss] DDOS, open resolvers, how to solve?, Julian DeMarchi, 10/29/2013
    - Re: [opennic-discuss] DDOS, open resolvers, how to solve?, Hunter 9999, 10/29/2013