[147118] in North American Network Operators' Group
RE: Recent DNS attacks from China?
daemon@ATHENA.MIT.EDU (Rob.Vercouteren@kpn.com)
Fri Dec 2 10:41:46 2011
From: <Rob.Vercouteren@kpn.com>
To: <jmaslak@antelope.net>, <nanog@nanog.org>, <leland@taranta.discpro.org>,
<MatlockK@exempla.org>, <richard.barnes@gmail.com>,
<andrew.wallace@rocketmail.com>
Date: Fri, 2 Dec 2011 16:40:52 +0100
In-Reply-To: <CADb+6TCQ3mzP=LEzXOsccRFUhKhbzehRBJrEmv+oocFJOHexEQ@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Since it is spoofed traffic we block the "source", so not participating in =
flooding the real ip address.
The real issue is verify unicast reverse path not being implemented. So tha=
t the ip addresses cannot be spoofed!
(unless we are dealing with some major unknown vurlnerabilities in our infr=
astructure)
After a few days we will unblock again.
Regards,
Rob Vercouteren=20
