This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] DNS DoS attacks by 91.235.143.158 and 69.162.110.100
- Previous message (by thread): [anti-abuse-wg] DNS DoS attacks by 91.235.143.158 and 69.162.110.100
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Wilfried Woeber
Woeber at CC.UniVie.ac.at
Sat Sep 29 12:00:27 CEST 2012
U.Mutlu wrote: [...] > ... and the attack would > be a so called "reflected UDP DNS attack" carried out by someone else > using forged IP headers Even authoritative nameservers are vulnerable to some degree. > (IMO again cheap BS excuse as nowadays > every ISP uses egress/ingress filtering to block such SenderIP-forgeries). I rate this statement/expectation as wishful thinking, sorry. > Is this a case for CERT's ? Definitely! > Anybody have experience with CERT's and can give tips? Depending on "where" you are based, or what your existing relationships to CERTs are, you may want to get in touch with the one that covers the constitency you are in, or try to get in touch with other CERTs that my have working relationships with the ISPs providing connectivity to those address blocks or sources of the offending packets. Hth, Wilfried.
- Previous message (by thread): [anti-abuse-wg] DNS DoS attacks by 91.235.143.158 and 69.162.110.100
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]