nanog mailing list archives
Tracking the DNS amplification attacks (was: isprime DOS in progress)
From: Brian Keefer <chort () smtps net>
Date: Sat, 24 Jan 2009 16:50:24 -0800
Caveat: my PERL is _terrible_. http://www.smtps.net/pub/dns-amp-watch.plThis assumes you're using BIND. My logs roll on the hour, so I run it from cron at 1 minute before the hour. Depending on how long it takes to process your logs, you might need to tweak.
-- bk CA cert: http://www.smtps.net/pub/smtps-dot-net-ca-2.pem
Attachment:
smime.p7s
Description:
Current thread:
- Re: Are we really this helpless? (Re: isprime DOS in progress), (continued)
- Re: Are we really this helpless? (Re: isprime DOS in progress) Jon Kibler (Jan 24)
- Re: Are we really this helpless? (Re: isprime DOS in progress) Michael Dillon (Jan 24)
- Re: Are we really this helpless? (Re: isprime DOS in progress) Eugeniu Patrascu (Jan 25)
- Re: Are we really this helpless? (Re: isprime DOS in progress) Eugeniu Patrascu (Jan 25)
- Re: Are we really this helpless? (Re: isprime DOS in progress) Brandon Galbraith (Jan 23)
- Re: Are we really this helpless? (Re: isprime DOS in progress) J.D. Falk (Jan 24)
- Re: Are we really this helpless? (Re: isprime DOS in progress) Seth Mattinen (Jan 24)
- RE: Are we really this helpless? (Re: isprime DOS in progress) Frank Bulk (Jan 23)
- Re: isprime DOS in progress Brian Keefer (Jan 23)
- Re: isprime DOS in progress Brian Keefer (Jan 24)
- Tracking the DNS amplification attacks (was: isprime DOS in progress) Brian Keefer (Jan 24)
- RE: Tracking the DNS amplification attacks (was: isprime DOS in progress) Frank Bulk (Jan 24)
- Re: Tracking the DNS amplification attacks (was: isprime DOS in progress) Brian Keefer (Jan 25)
- Re: Tracking the DNS amplification attacks (was: isprime DOS in progress) James Hess (Jan 25)
- Re: Tracking the DNS amplification attacks (was: isprime DOS in progress) Brian Keefer (Jan 27)
- Re: Tracking the DNS amplification attacks (was: isprime DOS in progress) Brian Keefer (Jan 27)
- Re: Tracking the DNS amplification attacks (was: isprime DOS inprogress) Xaver Aerni (Jan 27)
- Re: Tracking the DNS amplification attacks (was: isprime DOS in progress) Crist Clark (Jan 30)
- Re: isprime DOS in progress Andrew Fried (Jan 24)
- Re: isprime DOS in progress Nathan Ollerenshaw (Jan 23)
- Re: isprime DOS in progress Mark Andrews (Jan 23)