anycast and ddos

Christopher L. Morrow christopher.morrow at mci.com
Sat May 7 01:43:11 UTC 2005



On Sat, 7 May 2005, Kim Onnel wrote:

> 2) Getting Riverhead, which is a shame if they had it and it didn't save the day.

Riverhead has its warts, one of the larger ones is in some assumptions
made about DNS client behaviour :( From first-hand experience you have to
be very cautious when sticking one in front of a DNS server(s), I imagine
the mix gets really fun when that server(s) are really boxes with
massively large lists of auth domains...

Either way, without first-hand info from the attackee it's going to be
tough to sort out what was and wasn't the problem... I do think that
someone is going to chat about tcp/53 filtering and possibly other things
DNS and ATTACK at the NSP-SEC BoF at NANOG 34.

-Chris


