[Dshield] DRDoS - old attack, new story

Stephen Gill gillsr at cymru.com
Fri Mar 17 03:37:18 GMT 2006


Hi Keith,

Disabling open recursion is your best bet.  Here are some helpful
references:

US Cert Reading Room Article
http://www.us-cert.gov/reading_room/DNS-recursion121605.pdf

Example from the University of Oregon
http://cc.uoregon.edu/cnews/winter2006/recursive.htm

Secure Bind Template
http://www.cymru.com/Documents/secure-bind-template.html

-- 
Cheers,
Steve, Team Cymru.
http://www.cymru.com


> From: <dshield.org at keithbergen.com>
> Reply-To: General DShield Discussion List <list at lists.dshield.org>
> Date: Thu, 16 Mar 2006 12:52:00 -0500
> To: 'General DShield Discussion List' <list at lists.dshield.org>
> Subject: [Dshield] DRDoS - old attack, new story
> 
> New story on FoxNews.com about an old (2002) attack on DNS servers. It
> claims that the attack will be resurfacing. I think they do a pretty decent
> job of explaining it.
> 
> http://www.foxnews.com/story/0,2933,188102,00.html
> 
> Is there a way that one can check to see that their DNS server is configured
> correctly?
> 
> Keith.
> 
> 
> _________________________________________
> Learn about Intrusion Detection in Depth from the comfort of your own couch:
> https://www.sans.org/athome/details.php?id=1341&d=1
> 
> _______________________________________________
> send all posts to list at lists.dshield.org
> To change your subscription options (or unsubscribe), see:
> http://www.dshield.org/mailman/listinfo/list
> 




More information about the list mailing list