[79792] in North American Network Operators' Group
Re: Six PCs caused BigPond problems
daemon@ATHENA.MIT.EDU (Bill Stewart)
Fri Apr 15 01:51:51 2005
Date: Thu, 14 Apr 2005 22:49:28 -0700
From: Bill Stewart <nonobvious@gmail.com>
Reply-To: Bill Stewart <nonobvious@gmail.com>
To: Sean Donelan <sean@donelan.com>
Cc: nanog@merit.edu
In-Reply-To: <Pine.GSO.4.58.0504150137160.5676@clifden.donelan.com>
Errors-To: owner-nanog@merit.edu
On 4/14/05, Sean Donelan <sean@donelan.com> wrote:
> http://www.zdnet.com.au/news/security/0,2000061744,39188319,00.htm
> Disconnecting six compromised personal computers on Tuesday evening eased
> the difficulties caused by bogus requests which clogged BigPond's domain
> name servers (DNS), slowing customer e-mail and Web site access, Telstra =
said.
That's ok. At least six more Telstra PCs will get compromised tomorrow.
I don't know if they're doing uRPF etc. to stop address spoofing, or
blocking RFC1918,
but if not, that may help keep the load down. I'm not a fan of using anyca=
st
as opposed to building scalable distributed configurations of DNS servers=
=20
and coordinating them with the DHCP settings that tell customers what
server to use,
(and monitoring them to make sure they keep working :-),
but it can be good for isolating some problems like this.
----
Thanks; Bill
Note that this isn't my regular email account - It's still experimental so =
far.
And Google probably logs and indexes everything you send it.
