Reporting DDOS reflection attacks
Larry Sheldon
larrysheldon at cox.net
Mon Nov 10 01:23:32 UTC 2014
On 11/9/2014 13:40, Doug Barton wrote:
> On 11/8/14 6:33 PM, Roland Dobbins wrote:
>> this is incorrect and harmful, and should be removed:
>>
>> iii. Consider dropping any DNS reply packets which are larger
>> than 512 Bytes – these are commonly found in DNS DoS Amplification
>> attacks.
>>
>> This *breaks the Internet*. Don't do it.
>
> +1
>
The whole thing> Really?
--
The unique Characteristics of System Administrators:
The fact that they are infallible; and,
The fact that they learn from their mistakes.
Quis custodiet ipsos custodes
More information about the NANOG
mailing list