|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
In-Reply-To: <E2ED3668-F67E-4F8C-A92E-625E97504ED5@arbor.net> From: "Patrick W. Gilmore" <patrick@ianai.net> Date: Tue, 26 Mar 2013 18:48:27 +0800 To: North American Operators' Group <nanog@nanog.org> Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org Composed on a virtual keyboard, please forgive typos.=20 On Mar 26, 2013, at 18:27, "Dobbins, Roland" <rdobbins@arbor.net> wrote: > On Mar 26, 2013, at 3:13 PM, Nick Hilliard wrote: >=20 >> The whole point of this thread is that dns amplification hurts other peop= le, not the resolver which is being abused. >=20 > Actually, it often hurts the resolver(s) being abused, as well, leading to= availability problems for those who legitimately need the recursive service= in question. On more than one occasion, the operator of an open resolver being used to am= plify an attack at our network has called / emailed asking us to stop abusin= g them. It seems the query rate "we" were sending them was crippling their s= ervers.=20 Sometimes they threaten to filter us. How thoughtful of them! Reminds me of: "Yer h4x0ring me on port 80!!1!1!!1" --=20 TTFN, patrick
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |