Are we really this helpless? (Re: isprime DOS in progress)

• Previous message (by thread): isprime DOS in progress
• Next message (by thread): Are we really this helpless? (Re: isprime DOS in progress)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Noel Butler wrote:
> On Sat, 2009-01-24 at 07:21, Chris McDonald wrote:
> 
>> We [AS3491] null0'd the IP earlier.  Rest-of-world encouraged to do the same :/
>>
> 
> 
> 
> Wrong approach, they are *innocent* in this as are the new targets.
> 
> insert into your favourite acl:
> deny udp host 66.230.160.1 neq 53 any eq 53
> deny udp host 66.230.128.15 neq 53 any eq 53
> 
> But it's much less work to add a filter on the name server as others
> have mentioned.
> 
> 


Having the world trying to keep up with ACL entries seems futile. Is 
there really nothing to be done about this? (Yes, I know, BCP38, but 
obviously the accomplice providers don't care.)

~Seth

• Previous message (by thread): isprime DOS in progress
• Next message (by thread): Are we really this helpless? (Re: isprime DOS in progress)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]