nanog mailing list archives
Re: So how big was it *really*?
From: Jared Mauch <jared () puck nether net>
Date: Thu, 28 Mar 2013 09:41:37 -0400
On Mar 28, 2013, at 9:29 AM, Harry Hoffman <hhoffman () ip-solutions net> wrote:
It's interesting, this just came up on gizmodo. As I said in another forum, take it for what it's worth: http://gizmodo.com/5992652/that-internet-war-apocalypse-is-a-lie
I can't comment in detail, but there are some "lost in translation" moments with the reporting. If you look at externally observable data, something surely happened at LINX on the 23rd: https://stats.linx.net/cgi-pub/aggregate/week I think it's easy to get fully into a doom-and-gloom scenario, but even if the numerical reporting is correct there wasn't a broad impact observed similar to slammer/blaster where everyone was congested. I will say, please don't treat this as 100% hype and look at unicast-rpf and securing your DNS servers in parallel. That threat certainly is real. With 21,432,212 hosts that respond to dns queries (with the right answerl not including those that send a referral to root which is quite large), an amplification attack would be quite easy. It's somewhere around 1:173 hosts run a service that responds. That is real and clearly measurable. your bind settings to look for are: http://www.zytrax.com/books/dns/ch7/queries.html additional-from-auth yes | no ; additional-from-cache yes | no ; - Jared
Current thread:
- So how big was it *really*? Valdis Kletnieks (Mar 28)
- Re: So how big was it *really*? Harry Hoffman (Mar 28)
- Re: So how big was it *really*? Simon Lockhart (Mar 28)
- Re: So how big was it *really*? Jay Ashworth (Mar 28)
- Re: So how big was it *really*? Matthew Petach (Mar 30)
- Re: So how big was it *really*? Valdis . Kletnieks (Mar 30)
- Re: So how big was it *really*? Simon Lockhart (Mar 28)
- Re: So how big was it *really*? Harry Hoffman (Mar 28)
- Re: So how big was it *really*? Dobbins, Roland (Mar 28)
- Re: So how big was it *really*? Jared Mauch (Mar 28)
- Re: So how big was it *really*? Neil J. McRae (Mar 28)