Re: DNS load research

Marc Chametzky wrote:

I can't get over this nagging feeling in the back of my head
that it opens up a customer to a new variety of DoS attacks


What we're discussing at the moment is to limit the worst case
to about 10..25 queries, with classic-spf-00 it's still 110
(10 mx or ptr, each with 10 names).

Radu also proposed a way to identify malicious PermErrors by
going over the limit, and use a higher blacklist limit.  But
that's not necessarily a good idea, an attacker could stay
below the higher BL limit.
                          Bye, Frank

<Prev in Thread]	Current Thread	[Next in Thread>
RE: Response to DDoS using SPF, (continued) RE: Response to DDoS using SPF, David MacQuigg Re: Response to DDoS using SPF, Chris Haynes Re: Response to DDoS using SPF, David MacQuigg RE: Response to DDoS using SPF, Scott Kitterman Off Topic - English Syntax, David MacQuigg Re: Off Topic - English Syntax, Chris Haynes Re: Off Topic - English Syntax, David MacQuigg Re: Response to DDoS using SPF, Michael Hammer Re: Re: DNS load research, Andy Bakun Re: Re: DNS load research, Marc Chametzky Re: DNS load research, Frank Ellermann <= Re: Re: DNS load research, Marc Chametzky Re: Re: DNS load research, Alex van den Bogaerdt Re: Re: DNS load research, David Macquigg Re: Re: DNS load research, Stuart D. Gathman RE: Re: DNS load research, Scott Kitterman RE: Re: DNS load research, Stuart D. Gathman Re: Re: DNS load research, David Macquigg RE: Re: DNS load research, Scott Kitterman Re: DNS load research, Frank Ellermann Re: Re: DNS load research, Ralf Doeblitz

Previous by Date:	Re: DNS load research, Frank Ellermann
Next by Date:	Re: Re: DNS load research, Marc Chametzky
Previous by Thread:	Re: Re: DNS load research, Marc Chametzky
Next by Thread:	Re: Re: DNS load research, Marc Chametzky
Indexes:	[Date] [Thread] [Top] [All Lists]