> On 15 Apr 2021, at 11:35, @lbutlr <krem...@kreme.com> wrote: > > On 14 Apr 2021, at 01:48, Anand Buddhdev <ana...@ripe.net> wrote: >> This is a short-sighted opinion. If just one authoritative server sends >> out REFUSED responses towards an innocent, it won't matter. But if 1000 >> authoritative servers all send out REFUSED responses towards an innocent >> IP address, their combined volume and packet rate *is* significant. > > Is it? > > How big is a REFUSED response?
Approximately the same size as the request. It depends on the request and the server’s capabilities. > Even if it is 100 bytes (and I think it is not that large, but I cannot find > it), 1000 refused would be 100K. > > How many thoudanss of servers do you need in this "DDoS" to overwhelm a > pretty average connection? (My home connection is only 200Mbps down). > > Granted, a million machines would be generating a 100MB of data, which is > insignificantes, but the number of pockets at that scale would probably be an > issue. But is a million servers realistic? > > I don't think calling this a DDoS is accurate. It is more likely;y there is a > known exploit for some servers and they are probing or it is some script > kiddie just blasting out packets hoping to get lucky. If you really want to do something, talk to your local politician and get laws written up that require ISPs to deploy BCP38. This is completely fixable if ISPs deploy BCP38 filters on themselves and all of their customers. There is some CAPEX and OPEX to deploying BCP38 filters and making it a requirement under law levels the playing field between ISPs. > -- > "Are you pondering what I'm pondering?" > "I think so, Mr. Brain, but if the sun'll come out tomorrow, what's > it doing right now?" > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
