[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Mitigating DNS amplification attacks

Subject: Mitigating DNS amplification attacks
From: rdobbins at arbor.net (Dobbins, Roland)
Date: Wed, 1 May 2013 00:45:25 +0000
In-reply-to: <CDA5DB79.10DEB%[email protected]>
References: <CDA5DB79.10DEB%[email protected]>

On May 1, 2013, at 7:42 AM, Thomas St-Pierre wrote:

> As for BCP38, I would love to stop the spoofed packets, however with them coming from our upstreams, (Level3, Cogent, Tata, etc) I don't see how we can.

Contact them on a case-by-case basis to report the spoofed traffic used to stimulate the servers into responding, including the layer-4 classification criteria, traffic rates, and timestamps available via flow telemetry.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton

References:
- Mitigating DNS amplification attacks
  - From: tstpierre at iweb.com (Thomas St-Pierre)

Prev by Date: Mitigating DNS amplification attacks
Next by Date: Andros Island Connectivity?
Previous by thread: Mitigating DNS amplification attacks
Next by thread: Mitigating DNS amplification attacks
Index(es):
- Date
- Thread