Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] DDOS, open resolvers, how to solve?

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] DDOS, open resolvers, how to solve?


Chronological Thread 
  • From: Quinn Wood <wood.quinn.s AT gmail.com>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] DDOS, open resolvers, how to solve?
  • Date: Wed, 30 Oct 2013 02:49:13 -0500

As a preview to policy, you could start by only allowing a set number
of addresses to be added to each account, and after that require a
proposal to expand your account. Then in order to use your botnet in
an amplification attack you would have to:

1.) Know the IP address(es) of every node you wanted to use
2a.) Either add those addresses to an account manually and lie well
enough to get a proposal for more access through OR
2b.) Register multiple accounts and add those addresses to multiple accounts

This isn't bulletproof, but I get the impression that's not the goal.
If the goal is to make want-to-be DDoSers find a different path of
least resistance, this may alleviate the concerns proposed by Julian
in the opening post.



Archive powered by MHonArc 2.6.19.

Top of Page