Re: [dns-operations] [Ext] DNS Flag Day 2020 will become effective on 2020-10-01
On 16/09/2020 09:11, Mark Andrews wrote: > There are a number of issues. > Stupid firewalls that block PTB messages. Solution, fragment at network MTU. Let me rephrase that for you: "Solution, fragment at network MTU (a value that you cannot efficiently discover)." -- Cheers, Jeremy ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
Re: [dns-operations] root? we don't need no stinkin' root!
On 29/11/2019 19:34, Tony Finch wrote: > Attackers can get a small amplification from SYN/ACK retries, and this is > being used in the wild. > > https://www.darkreading.com/attacks-breaches/new-ddos-attacks-leverage-tcp-amplification-/d/d-id/1336339 This isn't small. It'd be good to know _what_ is so broken: "many devices on the Internet can be manipulated to retransmit more than 5,000 SYN-ACK packets in 60 seconds" -- Cheers, Jeremy ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations