Speaker
Mr
Ralf Weber
(Nominum)
Description
DNS amplification attacks have evolved considerably and now regularly stress DNS resolvers, networks, and operations teams. Attackers can easily generate gigabits of traffic with modest skills and resources by targeting home gateways with open DNS proxies.
Tens of millions of these devices are scattered across the internet and Best Common Practices such as preventing address spoofing and restricting IP ranges that can access provider resolvers do not deter these attacks.
Since vulnerable home gateways won't be updated anytime soon this presentation will cover other ways to identify and mitigate attacks without impacting legitimate DNS traffic.
Primary author
Mr
Ralf Weber
(Nominum)
