Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: DDos syn attack

  • From: Randy Bush
  • Date: Mon Dec 30 11:11:38 2002 
> This is also a very viable solution, provided the customer has
> provisioned for this with lower ttls on their DNS records, which
> ALOT of people (thankfully) don't do

actually, a bunch of research now shows that low ttls on A RRs
(that are not the A RRs of NS RRs) has little effect.

in the case a dns lookup is being done in a ddos, of course one
would prefer if the attacking zombies cached the lookup <grin>.

randy


Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.