On Sep 2, 2008, at 9:47 AM, Joe Abley wrote: >> >> There is "usually" no harm to anyone from open resolvers. No one has >> reported any further attacks since this draft was conceived. > > That is not true. It's possible that the forums in which such attacks > are discussed are not available to you, of course. I say that not as > some kind of thinly-veiled attack, but merely as an observation that > security ops forums tend not to be public.
I'd note that this 2008 Infrastructure Security Survey collection is about done, and the largest reported attack over the past 12 months was just north of 40 Gbps (yes, I meant to type "forty") and employed DNS-based reflective amplification vectors. Others reported these attacks well above 10 Gbps in the past 12 months as well.. Report to be publish in next month or two. -danny _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
