DNS Attacks

• Previous message (by thread): DNS Attacks
• Next message (by thread): DNS Attacks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Jan 18, 2012, at 2:45 AM, Leigh Porter wrote:

> The firewall is significant because the attacks killed the firewall as it is rather under specified (not my idea..).


DNS servers (nor any other kind of server, for that matter) should never be placed behind stateful firewalls - the largest firewall one can build or buy will choke under even moderate DDoS attacks due to state-table exhaustion:

<https://files.me.com/roland.dobbins/679xji>

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

		The basis of optimism is sheer terror.

			  -- Oscar Wilde

• Previous message (by thread): DNS Attacks
• Next message (by thread): DNS Attacks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]