* Stephane Bortzmeyer wrote: > For instance, I'm a big fan of rate-limiting ANY requests because it > works fine *today* in *some* attacks but I would never say it is *the* > solution to DNS-based DoS attacks. It is just a tool among others.
I collected a few statistics. It's far from complete nor perfectly designed, but it covered my ass. Right now. This week. http://lutz.donnerhacke.de/eng/Blog/First-results-from-DNS-Dampening One observation I'm not sure about is: Attacker query rate seems to drop by half about two to tree weeks after rate limiting or three days after dampening. To verify the alternatives, I had to relist my server on the scriptkiddies pastbin. But I does not know the URL nor I'm willing to do so. _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
