Internet Storm Center on the Spamhaus DOS

The Internet Storm Center (ISC) has a blog post up discussing the DOS attack against Spamhaus. They do confirm they saw traffic approaching 300Gbps against Spamhaus. They also point out that most people probably never knew.

The attack was significant, but not globally so despite the media reports to the contrary. When news of the attack reached the Internet Storm Center, we did have a brief moment of panic and contemplated resorting to cannibalism. However, we quickly decided against this option (due to a combination of calmer heads prevailing and a lack of consensus on whether people could be turned into bacon).

ISC has a lot of technical details about how to secure your DNS servers, and I strongly encourage everyone to go look and make sure their DNS servers are secure. I checked ours a few days ago. I really didn’t think they would be open; Steve gets DNS and keeps up with security so it was unlikely we had open resolvers. I looked up our resolvers anyway because a second pair of eyes on things is never a bad thing.

Related Posts

Spamhaus answers about the recent DoS attack

Answers about recent DDoS attack on Spamhaus

Read More

Setting up DNS for sending email

Email – and email filtering – makes a lot of use of DNS, and it’s fairly easy to miss something. Here are a few checklists to help:

Read More

Collaboration key to fighting crime on the internet

The Pittsburg Post Gazette has a good article on the DNS Changer Working group and how it can serve as a model for future collaboration against cyber crime.

Read More