DDOS Continues

["Justin Scott" <admin () dtdns com>]

Hello all, DtDNS is currently undergoing a massive DDOS attack that is
saturating our servers and has caused our upstream providers to null-route
traffic to save their own networks.  (Level3 in Tampa yesterday reported
they were being hit with 40+ Gbps).  If anyone has DDOS mitigation in place
that can lend a hand I would be forever grateful.  Unfortunately at present
I have no way to determining which of our customers is the specific target
of the attack since our servers are unreachable for the most part.  

I've temporarily switched the we use for ns1 to one that isn't being
null-routed so that queries can be answered for the moment, but I fear that
the attack will simply follow the glue-record change once the attacker
realizes that queries are being answered again and our provider will have to
null-route that as well.  It's unfortunate that people feel the need and/or
desire to run these kinds of attacks.  It nearly makes me want to simply
exit the DNS business.

If there is anyone out there that can lend a hand, I can be reached at
+1-941-320-2402 or dtdns () hotmail com (assuming DNS resolution for my regular
address, admin () dtdns com goes down again).  DtDNS is a small provider and we
only carry about 2,000 domains and we are simply not in a position to absorb
this kind of attack.


-Justin Scott, DtDNS Admin


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.