Mr Ralf Weber (Nominum)
DNS DDoS attacks continue, fueled by open DNS proxies. Now they're stressing resolvers and authorities worldwide using pseudo random subdomains. In June of 2014 there was a 400% increase in this traffic and popular domains continue to be targeted. Analysis of recent DNS data reveals other interesting details. For instance, Response Rate Limiting in authorities appears to aggravate attacks. This presentation will cover the latest attack data as well as tests of the major resolvers showing the impact of capabilities to mitigate them, ranging from changes in recursive behaviors to filtering traffic at ingress.