nanog mailing list archives
Re: DNS deluge for x.p.ctrc.cc
From: Jon Lewis <jlewis () lewis org>
Date: Sun, 26 Feb 2006 11:53:06 -0500 (EST)
On Sat, 25 Feb 2006, Rob Thomas wrote:
As many say, you own your network, and are free to run it as you see fit. :) That said, please be aware that if you leave your name servers open to recursive query requests from any source, you WILL unwittingly help to amplify these attacks. It's the same as ICMP directed broadcast and the like.
This has been an issue for years. Before the DDoSers started using open recursive DNS servers as a modern way to "smurf", spammers were abusing them by registering a domain, setting up DNS, loading the data into open recursive servers (by sending them queries), and then pointing the domains at those recursive servers...getting free DNS service and misdirecting complaints.
The argument that DNS servers have always been open to recursion (so we shouldn't change it) sounds a lot like the open SMTP relay issue 5-10 years ago. It took years, but all but a few wingnuts seem to have finally caught on to the idea that open SMTP relays are a bad idea...enough so that spammers had to move on and adapt to open proxies, and then to botted systems / trojan proxies.
Besides, don't the DNS specs dictate that a proper DNS resolver will try again with TCP if the server tells it the UDP reply was truncated?
---------------------------------------------------------------------- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Current thread:
- Re: DNS deluge for x.p.ctrc.cc, (continued)
- Re: DNS deluge for x.p.ctrc.cc Rob Thomas (Feb 24)
- Re: DNS deluge for x.p.ctrc.cc Stephen Stuart (Feb 24)
- Re: DNS deluge for x.p.ctrc.cc Chris Adams (Feb 24)
- Re: DNS deluge for x.p.ctrc.cc Jon Lewis (Feb 25)
- Re: DNS deluge for x.p.ctrc.cc bmanning (Feb 25)
- Re: DNS deluge for x.p.ctrc.cc Nicholas Suan (Feb 25)
- Re: DNS deluge for x.p.ctrc.cc Rob Thomas (Feb 25)
- Re: DNS deluge for x.p.ctrc.cc Randy Bush (Feb 25)
- Re: DNS deluge for x.p.ctrc.cc Paul Vixie (Feb 26)
- Re: DNS deluge for x.p.ctrc.cc Paul Vixie (Feb 26)
- Re: DNS deluge for x.p.ctrc.cc Jon Lewis (Feb 26)
- Re: DNS deluge for x.p.ctrc.cc Rob Thomas (Feb 24)
- Re: DNS deluge for x.p.ctrc.cc Joe Provo (Feb 25)
- Re: DNS deluge for x.p.ctrc.cc Joe Abley (Feb 26)
- Re: DNS deluge for x.p.ctrc.cc Christopher L. Morrow (Feb 26)
- Re: DNS deluge for x.p.ctrc.cc Paul Vixie (Feb 26)
- Re: DNS deluge for x.p.ctrc.cc bmanning (Feb 26)
- Re: DNS deluge for x.p.ctrc.cc Paul Vixie (Feb 26)
- Message not available
- Re: DNS deluge for x.p.ctrc.cc Barrett Lyon (Feb 26)
- Re: DNS deluge for x.p.ctrc.cc Rob Thomas (Feb 27)