[169097] in North American Network Operators' Group
Re: ddos attack blog
daemon@ATHENA.MIT.EDU (Paul Ferguson)
Thu Feb 13 12:30:36 2014
Date: Thu, 13 Feb 2014 09:30:06 -0800
From: Paul Ferguson <fergdawgster@mykolab.com>
To: Cb B <cb.list6@gmail.com>
In-Reply-To: <CAD6AjGRHx2N0dfF2nESBcgWHUXqgv-o_pU2bJboaphNcoZJ0yA@mail.gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Reply-To: fergdawgster@mykolab.com
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 2/13/2014 9:06 AM, Cb B wrote:
> Good write up, includes name and shame for AT&T Wireless, IIJ,
> OVH, DTAG and others
>
> http://blog.cloudflare.com/technical-details-behind-a-400gbps-ntp-amplification-ddos-attack
>
> Standard plug for http://openntpproject.org/ and
> http://openresolverproject.org/ and bcp38 , please fix/help.
>
> For those of you paying attention to the outage list, this is a
> pretty big deal that has had daily ramification for some very big
> networks
> https://puck.nether.net/pipermail/outages/2014-February/date.html
>
> In general, i think UDP is doomed to be blocked and rate limited
> -- tragedy of the commons. But, it would be nice if folks would
> just fix the root of the issue so the rest of us don't have go
> there...
>
The alternative is get people to understand that anti-spoofing is
good, and efforts to combat spoofing should be encouraged.
- - ferg
- --
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iF4EAREIAAYFAlL9AR4ACgkQKJasdVTchbJZYwEAivI00Yq7RSMze74GFQKEyCeH
pS2s8TH0ba08NWKC22AA/jyN35xonJBzldJA8/xlzhnuLnyOFB0Y7GKZ8NiqRiRl
=ItxR
-----END PGP SIGNATURE-----
