nanog mailing list archives

Re: DNS Attacks

From: Joel M Snyder <Joel.Snyder () Opus1 COM>
Date: Sat, 18 Feb 2012 14:41:39 -0700

http://thehackernews.com/2012/02/fbi-will-shutdown-internet-on-march-8.html


Quoting the FBI:

85.255.112.0 through 85.255.127.255
67.210.0.0 through 67.210.15.255
93.188.160.0 through 93.188.167.255
77.67.83.0 through 77.67.83.255
213.109.64.0 through 213.109.79.255
64.28.176.0 through 64.28.191.255

Solve said problem easily by destination NATing those IPs on 53/UDP/TCPto your own recursive servers, or dump them on Google at 8.8.8.8 ifyou're so inclined. Extra bonus result: NAT logs will show who needs apleasant email from customer service.


Or you could just let 'em[1] suffer, BoFH-style.

jms

[1] "'em" in this case is "your customer service reps" who will see a'higher than normal call volume' should the FBI's warning mean anything.


--
Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719
Senior Partner, Opus One       Phone: +1 520 324 0494
jms () Opus1 COM                http://www.opus1.com/jms

Current thread:

Re: DNS Attacks Henry Linneweh (Feb 18)
- <Possible follow-ups>
- Re: DNS Attacks Joel M Snyder (Feb 18)
  - Re: DNS Attacks Robert Bonomi (Feb 18)
    - Re: DNS Attacks Ken Gilmour (Feb 19)
    - Re: DNS Attacks Patrick W. Gilmore (Feb 19)
    - Re: DNS Attacks Jeroen Massar (Feb 19)
    - Re: DNS Attacks Valdis . Kletnieks (Feb 19)
    - Re: DNS Attacks Robert Bonomi (Feb 19)
    - Re: DNS Attacks Ken Gilmour (Feb 19)
    - Re: DNS Attacks Tei (Feb 20)
    - Re: DNS Attacks Valdis . Kletnieks (Feb 20)
    - Re: DNS Attacks Christopher Morrow (Feb 20)

(Thread continues...)