ICANN/DNSO
DNSO Mailling lists archives

[ga-full]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [ga] USG root servers under DDOS attack



On Mon, 21 Oct 2002, Allan Liska wrote:

> JB> I've been predicting this for years - along with many others.  Another
> JB> good reason why we need multiple roots.
>
> What exactly would stop an attacker from launching the same attacks
> against multiple roots?  Multiple roots would not have provided any
> benefits against this attack.

Non of the roots I'm using seem to be affected ;)

> In addition, I would say this DDoS demonstrates that multiple roots
> are unnecessary.  The vast majority of the Internet had no idea this
> was happening as the root servers still responded to queries, albeit
> slower than usual (but not a perceptible difference).  Given the scale
> of the attack, I would say the root servers held up admirably.

Your wrong there.  The more root clusters there are the more difficult it
is to attack them all.  Root server systems are limted to a max of 13 -
that's an easy target - however if every country and very isp operated
roots the ability to target them become increasingly complex and
difficult.

Also please be advised.  This attack is not well done.  From what I can
see it's an icmp ddos which shows us the attackers have a crude
understanding of howto attack a root server.

I do however expect they will learn in time.

regards
joe baptista

--
This message was passed to you via the ga-full@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-full" in the body of the message).
Archives at http://www.dnso.org/archives.html



<<< Chronological Index >>>    <<< Thread Index >>>