[11356] in bugtraq
Re: Possible Denial Of Service using DNS
daemon@ATHENA.MIT.EDU (marka@ISC.ORG)
Fri Aug 13 02:50:32 1999
Message-Id: <199908110315.NAA11070@bsdi.dv.isc.org>
Date: Wed, 11 Aug 1999 13:15:30 +1000
Reply-To: marka@ISC.ORG
From: marka@ISC.ORG
X-To: cveira@airtel.net
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: Your message of "Tue, 10 Aug 1999 17:59:57 +0200."
<001b01bee349$66a54ee0$0200a8c0@atlantis>
> This is a multi-part message in MIME format.
>
> ------=_NextPart_000_0018_01BEE35A.297221E0
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: 8bit
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> I must admit that I have been really surprised seeing people's
> 'reaction'
> on this particular matter. We are used to see really good debates when
> something 'c00l' comes up to the scene... But this time, nothing: no
> code review, no debate about possible solutions, ... :?.
The only real solution is to have ISP actually police the
source addresses of packets entering their networks from
their customers. There is nothing new here. Good ISP's
do this already, bad ones don't. The best ones will even
notify the customers that they have a problem when they
see attacks like this lauched from within the customer's
network.
Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
