DNS DoS ???
Frank Bulk
frnkblk at iname.com
Sun Jul 31 01:09:18 UTC 2011
More good stuff here: http://www.team-cymru.org/Services/Resolvers/
Frank
-----Original Message-----
From: Dobbins, Roland [mailto:rdobbins at arbor.net]
Sent: Friday, July 29, 2011 5:40 PM
To: NANOG list
Subject: Re: DNS DoS ???
On Jul 30, 2011, at 1:51 AM, Elliot Finley wrote:
> my DNS servers were getting slow so I blocked recursive queries for all
but my own network.
This should be the standard practice. By operating an open recursor, you
lend your DNS server to abuse as a contributor to DNS
reflection/amplification attacks.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
The basis of optimism is sheer terror.
-- Oscar Wilde
More information about the NANOG
mailing list