funsec mailing list archives
ICANN Releases Reports on Alternative TLD Systems and DDoS Amplificati on Attacks
From: "Fergie" <fergdawg () netzero net>
Date: Mon, 3 Apr 2006 18:06:00 GMT
I figure most of you are more interested in the latter than the former, but here is the entire spiel. Via CircleID. Follwo the links there to the .pdf report(s) if interested. [snip] In the report, Alternative TLD Name Systems and Roots: Conflict, Control and Consequences [.pdf], ICANN Security and Stability Advisory Committee (SSAC) considers conditions and factors that could accelerate fragmentation, destabilize root name service and alter the existing name system management framework to a much greater degree than pure for-profit initiatives. It presents a rudimentary classification of alternative root name server systems and alternative TLD name system administrators. For each class, it attempts to identify the stated or implied incentives for operating an alternative root name service and managing alternative TLDs. It describes the operational models and the technical mechanisms each class of operators employs to provide name resolution and registration services. It then considers the impact on Internet users and service providers (ISPs), domain name registrants, and registries that operate under agreements with ICANN. In early February 2006, name servers hosting Top Level Domain zones were the repeated recipients of extraordinary heavy traffic loads. Analysis of traffic by TLD name server operators and security experts at large confirmed that DNS packets comprising the attack traffic exhibited characteristics associated with previously attempted DDoS attacks collectively known as amplification attacks. In the report, Security Advisory for DNS Distributed Denial of Service Amplification Attacks [.pdf], the advisory describes representative incidents, identifies the impacts, and recommends countermeasures that TLD name server operators can employ for immediate and long-term relief from the harmful effects of these attacks. [snip] http://www.circleid.com/posts/icann_on_alternative_tld_systems_ddos/ - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg () netzero net or fergdawg () sbcglobal net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- ICANN Releases Reports on Alternative TLD Systems and DDoS Amplificati on Attacks Fergie (Apr 03)
- Re: ICANN Releases Reports on Alternative TLD Systems and DDoS Amplificati on Attacks Dude VanWinkle (Apr 03)