Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] DDOS, open resolvers, how to solve?

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] DDOS, open resolvers, how to solve?


Chronological Thread 
  • From: Guillaume Parent <gparent AT gparent.org>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] DDOS, open resolvers, how to solve?
  • Date: Fri, 13 Dec 2013 02:43:13 +0000

Yes, the IDS.

Questions:

-How do you make it so we can remove and add IPs to the list without knowing whose they are?

-How do we prevent a user from deleting someone else's IPs if there's nothing tieing them to the IPs?

-How does this prevent any random hacker from signing up and then whitelisting five spoofed IPs that all of the DNS servers are now going to accept, willfully participating in the flood?

-gp


On Fri, Dec 13, 2013 at 2:35 AM, Coyo <coyo AT darkdna.net> wrote:

On 12/12/2013 08:29 PM, Guillaume Parent wrote:
I'm writing one, but it's far from ready. I'm open to any suggestions myself, log correlation tools could maybe be quickly hacked up for this? Things like Snort?

Snort? The IDS tool? I still need to play with that. I need to play more with Netcat and NMap as well. So much to do.



--------
You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org





Archive powered by MHonArc 2.6.19.

Top of Page