Re: [DNSOP] I-D Action:draft-ietf-dnsop-reflectors-are-evil-06.txt



Date: Thu, 11 Sep 2008 15:48:42 -0400
From: Andrew Sullivan <ajs at commandprompt.com>
To: dnsop at ietf.org

On Thu, Sep 11, 2008 at 03:34:36PM -0400, Dean Anderson wrote:
> Please tell about the experiences you personally had with open recursor
> attacks at Afilias.

I guess I wasn't clear enough in my message: I am not in a position to
tell you about that.  I am constrained by the non-disclosure terms of
my previous employment.  If Afilias believes that it can discuss those
attacks in a forum like this, I'm sure the management will send some
notices about them.  I have little confidence that they will send
those notices, for the same reasons everyone else in this thread has
mentioned.  

> methods?  I don't seem to have any mention anywhere about Afilias being
> down or harmed as a result of any attack.

I am not willing to speak about any specific case involving Afilias or
any machines that it operates.  I will note, however, that there is a
harm to any operator when it has to respond to attacks: they're
emergencies and have to be treated as such.  This entails use of staff
time, and often at inconvenient hours.  So even if all the services
stay up and nobody knows about an attack, that is nowise evidence that
no harm happens.  Therefore, since the document we're still discussing
offers (perhaps redundant) defence against a line of attack, I support
it.

A

-- 
Andrew Sullivan
ajs at commandprompt.com
+1 503 667 4564 x104
http://www.commandprompt.com/