nanog mailing list archives
Re: Reporting DDOS reflection attacks
From: Doug Barton <dougb () dougbarton us>
Date: Sun, 09 Nov 2014 11:40:26 -0800
On 11/8/14 6:33 PM, Roland Dobbins wrote:
this is incorrect and harmful, and should be removed:
iii. Consider dropping any DNS reply packets which are larger
than 512 Bytes – these are commonly found in DNS DoS Amplification attacks.
This *breaks the Internet*. Don't do it.
+1
Current thread:
- Re: Reporting DDOS reflection attacks, (continued)
- Re: Reporting DDOS reflection attacks Miles Fidelman (Nov 08)
- Re: Reporting DDOS reflection attacks srn . nanog (Nov 08)
- Re: Reporting DDOS reflection attacks Ruairi Carroll (Nov 08)
- Re: Reporting DDOS reflection attacks srn . nanog (Nov 08)
- Re: Reporting DDOS reflection attacks Damian Menscher (Nov 08)
- Re: Reporting DDOS reflection attacks Brian Rak (Nov 09)
- Re: Reporting DDOS reflection attacks srn . nanog (Nov 09)
- Re: Reporting DDOS reflection attacks Brian Rak (Nov 09)
- RE: Reporting DDOS reflection attacks Frank Bulk (Nov 08)
- Re: Reporting DDOS reflection attacks Yardiel D. Fuentes (Nov 08)
- Re: Reporting DDOS reflection attacks Roland Dobbins (Nov 08)
- Re: Reporting DDOS reflection attacks Doug Barton (Nov 09)
- Re: Reporting DDOS reflection attacks manning bill (Nov 09)
- Message not available
- Re: Reporting DDOS reflection attacks Larry Sheldon (Nov 09)
- Re: Reporting DDOS reflection attacks Roland Dobbins (Nov 09)
- Re: Reporting DDOS reflection attacks Yardiel D. Fuentes (Nov 08)