DNS Amplification Attacks... and a trivial proposal

Ronald F. Guilmette rfg at tristatelogic.com
Fri Jun 14 02:37:46 UTC 2013


In message <201306140126.r5E1QUQJ032476 at calcite.rhyolite.com>, 
Vernon Schryver <vjs at rhyolite.com> wrote:

>Indeed.   As many have mentioned, DNS reflection attacks are merely
>the current fad...

So it is "just a fad".

Whew!  That's a load off!  I'm glad that somebody told me.  Fortunately
there is still time for me to rush down to the mailbox and retrieve the
letter I was sending to the people who publish Guinness World Records,
nominating this mere "passing fad" of DNS amplification DDoS attacks as
the longest lasting and most internationally costly "fad" since a little
known Italian fellow by the name of Ponzi started soliciting investors.

>There have been, are, and will be many other protocols used
>in reflection attacks until BCP 38 is the de facto standard.
>Smurf was an old example
>https://www.google.com/search?q=smurf+reflection+attack
>See also ntp  https://www.google.com/search?q=ntp+reflection+attack
>Chargen is another one from the ancient suite of the small services
>https://www.google.com/search?q=small+udp+service+reflection+attack
>that is reportedly popular again.
>https://www.google.com/search?q=chargen+attack&tbs=qdr:m
>See also NTP, timed, and others.

I'm sorry, Vernon...  Could you please remind me again?  The number of
those types of attacks that were publicly reported as having topped out
above 100Gbps was what again?

>The standard reaction to a list like that from experts who invent
>Final Ultimate Solutions to the Spam Problem is incoherent nonsense

That, of course, is in marked contrast to all the "real" experts who are
able to explain in excruciating and perfectly sensible detail exactly
why no solution is or will be available anytime soon, and/or why the world
does not seem to be instantly cooperating with their own pet solutions,
perfectly sensible though they may be.

>They neither know nor care TCP has
>long been and still is very popular in reflection DoS attacks.
>https://www.google.com/search?q=tcp+syn+attack

And again, the number of those which were or have been publicly reported
as topping out about 100Gbps was?

As an expert who so clearly has the inside track on any and all of these 
kinds of problems, I feel sure that you have the answer to that question
immediately available, so please do share.  Thanks Vernon.


Regards,
rfg

