In article
Brian Somers wrote:
> Hi folks,
Hi Brian!
> However, during the attack, we also saw a huge number of TCP
> sockets in
> TIME_WAIT talking to root servers (probably all root servers). I’m
> curious if
>
> 1.Are root servers doing some sort of tar pitting where they send a
On Mon, 16 May 2016 14:23:49 -0700, Brian Somers wrote:
>Hi folks,
>
>I work at OpenDNS. We saw a DoS attack in Miami on Friday night around
>10-11:00pm PST, consisting of UDP DNS requests for AAA.BBB.CCC.DDD where each
>of AAA, BBB, CCC and DDD are three digit numbers not greater than 500.
>
On Mon, May 16, 2016 at 5:45 PM, bert hubert
wrote:
> On Mon, May 16, 2016 at 09:34:17PM +, Wessels, Duane wrote:
> > Hi Brian,
> >
> > I think what you're suggesting has already been proposed. See
>
On Mon, May 16, 2016 at 09:34:17PM +, Wessels, Duane wrote:
> Hi Brian,
>
> I think what you're suggesting has already been proposed. See
> https://datatracker.ietf.org/doc/draft-fujiwara-dnsop-nsec-aggressiveuse/ and
> https://datatracker.ietf.org/doc/draft-wkumari-dnsop-cheese-shop/
It
Why not run a local copy of the root? It should be a good practice for
large recursives, plus you get better latency.
Marek
On Mon, May 16, 2016 at 2:34 PM, Wessels, Duane wrote:
> Hi Brian,
>
> I think what you're suggesting has already been proposed. See
>
Hi Brian,
I think what you're suggesting has already been proposed. See
https://datatracker.ietf.org/doc/draft-fujiwara-dnsop-nsec-aggressiveuse/ and
https://datatracker.ietf.org/doc/draft-wkumari-dnsop-cheese-shop/
DW
> On May 16, 2016, at 2:23 PM, Brian Somers wrote:
Hi folks,
I work at OpenDNS. We saw a DoS attack in Miami on Friday night around
10-11:00pm PST, consisting of UDP DNS requests for AAA.BBB.CCC.DDD where each
of AAA, BBB, CCC and DDD are three digit numbers not greater than 500.
Each query was answered with an NXDOMAIN by the root servers,