[161773] in North American Network Operators' Group
Re: Open Resolver Problems
daemon@ATHENA.MIT.EDU (Alain Hebert)
Tue Mar 26 19:04:30 2013
Date: Tue, 26 Mar 2013 19:04:19 -0400
From: Alain Hebert <ahebert@pubnix.net>
To: nanog@nanog.org
In-Reply-To: <5151C0EC.7000008@foobar.org>
Reply-To: ahebert@pubnix.net
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Well,
On 03/26/13 11:38, Nick Hilliard wrote:
> On 26/03/2013 15:06, Alain Hebert wrote:
>> And why not targeting all that animosity to the peers allowing
>> source IP spoofing?
> I do - and I gave a bunch of talks in europistan over the last 12 months
> which included explicit encouragement, practice and configuration for
> implementing BCP38 as part of real-time black hole system deployment.
>
>> DNS Servers don't attack you, people letting their customers spoof
>> source IP do.
> DNS amp packets attack me. Please stop them from leaving your network, and
> I will both implement BCP38 and encourage others to do so. Thank you.
>
> Nick
We're on it here...
Been using the work of http://bindguard.activezone.de/ to watch it =D
There is a lot of targets... kinda hard to figure out the goal...
-----
Alain Hebert ahebert@pubnix.net
PubNIX Inc.
50 boul. St-Charles
P.O. Box 26770 Beaconsfield, Quebec H9W 6G7
Tel: 514-990-5911 http://www.pubnix.net Fax: 514-990-9443
