nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: BCP38 thread 93,871,738,435 + SPF

From: Michael.Dillon () btradianz com
Date: Fri, 27 Oct 2006 16:53:15 +0100


How is this attack avoided?


Sounds like the attack is inherent in SPF. In that case,


how did the thread about dns providers and rfc compliance morph into SPF
and spam discussions?


Ask Doug Otis. He stated that SPF sets the stage for DDoS 
attacks against DNS servers. Presumably he said this because
it points to another *COST* of DDoS that could be used as 
a business justification to implement BCP38.

Or you could look at it as a weakness of SPF that should be
used as a justification for discouraging its use. After all
if we discourage botnets because they are DDoS enablers, 
shouldn't we discourage other DDoS enablers like SPF?

--Michael Dillon
Previous By Date Next
Previous By Thread Next

Current thread: