Yeah, it sucked to be a Dyn customer that day. However, if you had a backup dns provider, it wasnt that bad. You do realize that collateral effect scale is a property of a target and not attack? My point was that implementing MANRS, while isn't covering all of the spectrum of the attacks that made news this autumn will make at least some of them if not impossible, but harder to execute. And as I said - its work in progress. P.S. Jared Mauch notes regarding uRPF underperformance are correct, but it only shows how rarely its actually used in a real life. uRPF is more then feasible in terms of algorithmical complexity, and this means that bugs can be dealed with. On Tue, Oct 25, 2016 at 7:30 AM, Ronald F. Guilmette <rfg@tristatelogic.com> wrote:
In message <CALoKGd15haJXthiT31Y_wk=-5UGLSRbusHv4b8btQ5nXv5Dmuw@mail. gmail.com>, Alexander Lyamin <la@qrator.net> wrote:
Its not a first time we have and large scale DDoS incident. Its not a first time we have (a kind of) knee-jerk reaction.
I could be wrong, but I think its the first time I've turned on CNN and seen a "heat map" of the incident showing the entire NorthEast / New England area, all the way down to Washington, and parts of California all blanketed in red.
So that part, at least, was, ya know, novel.
Regards, rfg
-- Alexander Lyamin CEO | Qrator <http://qrator.net/>* Labs* office: 8-800-3333-LAB (522) mob: +7-916-9086122 skype: melanor9 mailto: la@qrator.net