DNS Amplification Attacks... and a trivial proposal

Ronald F. Guilmette rfg at tristatelogic.com
Fri Jun 14 02:12:29 UTC 2013


In message <20130614004155.72013.qmail at joyce.lan>, 
"John Levine" <johnl at iecc.com> wrote:

>The real solution is BCP 38...

I agree completely John.  I cannot do otherwise.  But I have to ask the
obvious elephant-in-the-room question... How is that comming along so far?

Maybe we could find worse ways to spend our time than developing a Plan B
and/or acquiring another basket to put a few of our eggs into.


Regards,
rfg


P.S.  The idea I had was that a reasonably simple anti-DDoS protocol ex-
tension could be codified and rolled out along with regular software
updates, and could thus eventually be in place even without the conscious
cooperation of those system and network administrators who have, by their
actions, already proven themselves to be largely if not entirely un-
cooperative, even with common sense steps to foster and protect the public
good.


More information about the bind-users mailing list