[88514] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Denial of service Attack.

daemon@ATHENA.MIT.EDU (Ejay Hire)
Wed Feb 8 09:22:00 2006

From: "Ejay Hire" <ejay.hire@isdn.net>
To: <nanog@nanog.org>
Date: Wed, 8 Feb 2006 07:39:38 -0600
Errors-To: owner-nanog@merit.edu

Hello.

For the last couple of days we have intermittently been
experiencing a (>1gbps) denial of service attack.  I want to
apologize to anyone whose DNS servers have been (ab)used in
the attack, and let you know what is occurring.

The attacker is forging our source address on dns requests,
and the DNS reply is routing to us.  I promise, we're not
attacking your dns servers.

Please take a moment to consider implementing RPF checks to
prevent these type of forged packet attacks.

Advice is welcomed both on-list and off.

Thanks,
Ejay Hire
ISDN-Net Network Engineer


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[88514] in North American Network Operators' Group

Denial of service Attack.

daemon@ATHENA.MIT.EDU (Ejay Hire)Wed Feb 8 09:22:00 2006

daemon@ATHENA.MIT.EDU (Ejay Hire)
Wed Feb 8 09:22:00 2006