[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Reporting DDOS reflection attacks

Subject: Reporting DDOS reflection attacks
From: rdobbins at arbor.net (Roland Dobbins)
Date: Sun, 09 Nov 2014 09:33:06 +0700
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]>

On 9 Nov 2014, at 6:46, Yardiel D. Fuentes wrote:

> http://bcop.nanog.org/index.php/BCOP_Drafts

There are some good general recommendations in this document (Word 
format?  Really?), but this is incorrect and harmful, and should be 
removed:

	iii.	Consider dropping any DNS reply packets which are larger than 512 
Bytes â?? these are commonly found in DNS DoS Amplification attacks.

This *breaks the Internet*.  Don't do it.

-----------------------------------
Roland Dobbins <rdobbins at arbor.net>

Follow-Ups:
- Reporting DDOS reflection attacks
  - From: dougb at dougbarton.us (Doug Barton)

References:
- Reporting DDOS reflection attacks
  - From: srn.nanog at prgmr.com (srn.nanog at prgmr.com)
- Reporting DDOS reflection attacks
  - From: frnkblk at iname.com (Frank Bulk)
- Reporting DDOS reflection attacks
  - From: yardiel at gmail.com (Yardiel D. Fuentes)

Prev by Date: DDOS, IDS, RTBH, and Rate limiting
Next by Date: DDOS, IDS, RTBH, and Rate limiting
Previous by thread: Reporting DDOS reflection attacks
Next by thread: Reporting DDOS reflection attacks
Index(es):
- Date
- Thread