[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

DNS Attacks

Subject: DNS Attacks
From: rdobbins at arbor.net (Dobbins, Roland)
Date: Wed, 18 Jan 2012 08:05:36 +0000
In-reply-to: <[email protected]>
References: <CALjCmpma-gXUerPUfeAWtgZn4qtVkxJTaEFL3D9Gc0OTvS96oQ@mail.gmail.com> <[email protected]>

On Jan 18, 2012, at 2:45 AM, Leigh Porter wrote:

> The firewall is significant because the attacks killed the firewall as it is rather under specified (not my idea..).


DNS servers (nor any other kind of server, for that matter) should never be placed behind stateful firewalls - the largest firewall one can build or buy will choke under even moderate DDoS attacks due to state-table exhaustion:

<https://files.me.com/roland.dobbins/679xji>

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

		The basis of optimism is sheer terror.

			  -- Oscar Wilde

References:
- DNS Attacks
  - From: lists at 1337.mx (toor)
- DNS Attacks
  - From: leigh.porter at ukbroadband.com (Leigh Porter)

Prev by Date: DNS Attacks
Next by Date: DNS Attacks
Previous by thread: DNS Attacks
Next by thread: DNS Attacks
Index(es):
- Date
- Thread