Thanks to both of you for explaining/addressing my comments. Deb Cooley
On Thu, Feb 13, 2025 at 4:12 PM Shumon Huque <shu...@gmail.com> wrote: > On Thu, Feb 13, 2025 at 11:51 AM Dave Lawrence <t...@dd.org> wrote: > >> Shumon Huque writes: >> > Section 8, para 4: Is there a reference for the 'so-called Water >> Torture >> > attacks'? As a native English speaker, I know what that means, but >> it >> > isn't >> > clear to me that others will understand. >> > >> > Let me see if I can find one. I did request a reference from the DNSOP >> > colleague who originally suggested that we cite this attack - I don't >> think he >> > was able to find one. >> >> Personally I've never liked the "water torture" moniker, or its >> alternative "slow drip" appellation, as they don't feel particularly >> apt as a metaphor. I prefer the more descriptive "pseudorandom >> subdomain attack". >> > > Agreed. > > >> That said, I believe it was first publicly described as Slow Drip / >> Water Torture in a presentation by Kei Nishida at APRICOT 39 in 2015, >> though the first observations of the resolver exhaustion technique >> were made by Ziqian Liu in a presentation to DNS-OARC in 2009 (though >> without calling out the random subdomain component, which maybe wasn't >> in play at the time). >> >> Kei Nishida presentation: >> >> https://conference.apnic.net/data/39/dnswatertortureonqtnet_1425130417_1425507043.pptx >> >> https://www.slideshare.net/slideshow/dnswatertortureonqtnet-1425130417-1425507043/45445438 >> >> Ziquian Liu presentation: >> https://www.dns-oarc.net/files/workshop-200911/Ziqian_Liu.pdf >> >> For an academic reference with a durable URL that describes it, Xi >> Luo, et al, published "A Large Scale Analysis of DNS Water Torture >> Attack " with the ACM in 2018, >> https://dl.acm.org/doi/pdf/10.1145/3297156.3297272 >> >> Personally I think I'd reference the Kei Nishida work as the first >> indication of the method for resolver resource exhaustion by using >> random non-existent subdomains, but use the pseudorandom subdomain >> attack term. >> > > Thanks Tale! Your suggestion sounds good to me. > > Shumon. > >
_______________________________________________ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org
