Tightened DNS security question re: DNS amplification attacks.

Well, the RBLs, in using DNS queries, are another form of legal DDoS attack, mainly when they suddenly cease to respond or re-configure to black-list the entire world. One should just imagine the bandwidth consumption during a given time-frame, RBLs consume as opposed to volume of spam messages.

This, in a thread where Paul Vixie is posting .. and on a list where
there are several people who do run professional blocklists.

Well, I dare say there'll be some difference of opinion. Can't help that.

From: "aljuhani" <info@linuxmount.com>
Subject: Re: Tightened DNS security question re: DNS amplification
        attacks.
To: "nanog" <nanog@merit.edu>

Well, the RBLs, in using DNS queries, are another form of legal DDoS attack, mainly when they
suddenly cease to respond or re-configure to black-list the entire world. One should just
imagine the bandwidth consumption during a
given time-frame, RBLs consume as opposed to volume of spam messages.

If you folks are really serious about this, can I suggest using BGP for this? Maybe a
multi-hop BGP session like Team Cymru already has for bogons [0]. With different communities
for different types of traffic that should be dropped.

That way you, the network operator, could choose what you want to drop and how.

They are already a pretty trusted party if people actually use these bogon-sessions.

Might it actually be a structural solution? At least if I didn't forget something important.

[0] http://www.team-cymru.org/Services/Bogons/routeserver.html