Reporting DDOS reflection attacks

• Previous message (by thread): Reporting DDOS reflection attacks
• Next message (by thread): Reporting DDOS reflection attacks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 11/9/2014 13:40, Doug Barton wrote:
> On 11/8/14 6:33 PM, Roland Dobbins wrote:
>> this is incorrect and harmful, and should be removed:
>>
>>      iii.    Consider dropping any DNS reply packets which are larger
>> than 512 Bytes – these are commonly found in DNS DoS Amplification
>> attacks.
>>
>> This *breaks the Internet*.  Don't do it.
>
> +1
>
The whole thing>  Really?

-- 
The unique Characteristics of System Administrators:

The fact that they are infallible; and,

The fact that they learn from their mistakes.


Quis custodiet ipsos custodes

• Previous message (by thread): Reporting DDOS reflection attacks
• Next message (by thread): Reporting DDOS reflection attacks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]