[Gllug] so after the DNS - Attack
Nix
nix at esperi.org.uk
Wed Feb 7 00:37:05 UTC 2007
On 6 Feb 2007, Juergen Schinker stated:
> who believes that the DNS of yout ISP will be reliable?
>
> http://dnsmon.ripe.net/dns-servmon/domain/plot?domain=root&tstart=1170676800&tstop=1170772430
Even if all the root servers went down at once, it would be a day or so
before really serious impact on J. Random Browser would be evident. Most
queries don't need to recurse that high.
> better be prepared !
>
> http://european.nl.orsn.net/tech-switch-bind.php
By using... a frankly tiny set of geographically limited root servers?
There are so few of them that they don't even seem to use anycasting
(at least, that's what half a dozen geographically diverse traceroutes
seem to say).
There are twelve root servers in the ORSN network. There are at least
122 root servers serving root-servers.net (I'm not sure how to get a
reliable count, this is derived by totting up the figures at
http://www.root-servers.org/).
Yet you suggest that 12 geographically-limited servers are somehow more
DDoS-resistant than 122 geographically diverse servers.
(Perhaps you were unaware of anycasting?)
--
`In the future, company names will be a 32-character hex string.'
--- Bruce Schneier on the shortage of company names
-------------- next part --------------
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list