[153562] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Open DNS Resolver reflection attack Mitigation

daemon@ATHENA.MIT.EDU (Joe Maimon)
Fri Jun 8 15:09:47 2012

Date: Fri, 08 Jun 2012 15:09:04 -0400
From: Joe Maimon <jmaimon@ttec.com>
To: North American Networking and Offtopic Gripes List <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Is there any publicly available rate limiting for BIND?

How about host-based IDS that can be used to trigger rtbh or iptables?

Google and Level3 manage to run open resolvers, why cant I?

Joe


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[153562] in North American Network Operators' Group

Open DNS Resolver reflection attack Mitigation

daemon@ATHENA.MIT.EDU (Joe Maimon)Fri Jun 8 15:09:47 2012

daemon@ATHENA.MIT.EDU (Joe Maimon)
Fri Jun 8 15:09:47 2012