[147015] in North American Network Operators' Group
RE: Recent DNS attacks from China?
daemon@ATHENA.MIT.EDU (Matlock, Kenneth L)
Wed Nov 30 14:01:22 2011
Date: Wed, 30 Nov 2011 11:57:23 -0700
From: "Matlock, Kenneth L" <MatlockK@exempla.org>
To: "Richard Barnes" <richard.barnes@gmail.com>,
"andrew.wallace" <andrew.wallace@rocketmail.com>
Cc: nanog@nanog.org, Leland Vandervort <leland@taranta.discpro.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Except in this case it's a DNS attack, which implies UDP based and easily s=
poofed. The source IP may or may not actually be accurate.
=20
Ken
________________________________
From: Richard Barnes [mailto:richard.barnes@gmail.com]
Sent: Wed 11/30/2011 11:51 AM
To: andrew.wallace
Cc: nanog@nanog.org; Leland Vandervort
Subject: Re: Recent DNS attacks from China?
An attack originating from somewhere indicates the presence of either
an attacker or a compromised host. A particular density of either in
a particular geographical area would seem like an interesting data
point.
--Richard
On Wed, Nov 30, 2011 at 1:24 PM, andrew.wallace
<andrew.wallace@rocketmail.com> wrote:
> Before we see knee-jerk conclusions about who to blame, these attacks cou=
ld be carried out by anyone.
>
>
> Is country even relevant in the cyberscape?
>
>
> Andrew
*** Exempla Confidentiality Notice *** The information contained in this me=
ssage may be privileged and confidential and protected from disclosure. If =
the reader of this message is not the intended recipient, or an employee or=
agent responsible for delivering this message to the intended recipient, y=
ou are hereby notified that any other dissemination, distribution or copyin=
g of this communication is strictly prohibited. If you have received this c=
ommunication in error, please notify me immediately by replying to the mess=
age and deleting it from your computer. Thank you. *** Exempla Confidential=
ity Notice ***
