Re: Reporting DDOS reflection attacks

10 Nov
2014
10 Nov
'14
1:23 a.m.
On 11/9/2014 13:40, Doug Barton wrote:
On 11/8/14 6:33 PM, Roland Dobbins wrote:
this is incorrect and harmful, and should be removed:
iii. Consider dropping any DNS reply packets which are larger than 512 Bytes – these are commonly found in DNS DoS Amplification attacks.
This *breaks the Internet*. Don't do it.
+1
The whole thing> Really? -- The unique Characteristics of System Administrators: The fact that they are infallible; and, The fact that they learn from their mistakes. Quis custodiet ipsos custodes

10 Nov
10 Nov
1:25 a.m.
New subject: Reporting DDOS reflection attacks
On 10 Nov 2014, at 8:23, Larry Sheldon wrote:
The whole thing> Really?
Breaking DNS for your customers pretty much breaks the Internet for them, yes. ----------------------------------- Roland Dobbins <rdobbins@arbor.net>
3778
Age (days ago)
3778
Last active (days ago)
1 comments
2 participants
participants (2)
-
Larry Sheldon
-
Roland Dobbins