North American Network Operators Group

Re: anycast and ddos

  • From: Christopher L. Morrow
  • Date: Fri May 06 21:44:13 2005

On Sat, 7 May 2005, Kim Onnel wrote:

> 2) Getting Riverhead, which is a shame if they had it and it didn't save the day.

Riverhead has its warts, one of the larger ones is in some assumptions
made about DNS client behaviour :( from first-hand experience you have to
be very cautious when sticking one in front of a DNS server(s), I imagine
the mix gets really fun when that server(s) are really boxes with
massively large lists of auth domains...

Either way, without first-hand info from the attackee it's going to be
tough to sort out what was and wasn't the problem... I do think that
someone is going to chat about tcp/53 filtering and possibly other things
DNS and ATTACK at the NSP-SEC BoF at NANOG 34.

-Chris