As someone who did some investigation (probably not nearly as much as Andrew) on this attack, the only things that helped me start disrupting C2s are accurate registrar info (in many cases C2s used ccTLDs, making it moot), so I know who to talk to in order to nuke C2 domains, and to a lesser extent accurate registrant data (rarely for notification as they are the suspect party, more for programmatic tracking of what they register next). Just my 2 cents.
Sent from my iPhone
On Oct 24, 2016, at 19:29, Andrew Sullivan <ajs@anvilwalrusden.com> wrote:
I think the article (and others along similar lines) are interesting reading. But I am totally mystified how this has anything to do with this PDP.
Full disclosure: Dyn is my employer.
A
On Mon, Oct 24, 2016 at 09:42:18AM +0000, Farell Folly wrote:
Dear All,
I would like to share this with you. It will question one more time how the Internet ecosystem will handle this IoT era and what role we can (this WG) play to ensure that the best measures / functionalities / requirements are in place to prevent or reduce such attacks on the DNS infrastructure. Good reading.
https://www.schneier.com/blog/archives/2016/10/ddos_attacks_ag.html
Best Regards
@__f_f__
about.me/farell
Mail sent from my mobile phone. Excuse for brevity.
_______________________________________________ gnso-rds-pdp-wg mailing list gnso-rds-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
-- Andrew Sullivan ajs@anvilwalrusden.com