Skip to main content

Featured Post

Monopoly is a better game with real money and crime

Monopoly is a better game with real money and crime What if the classic board game had better rules for simulating capitalism? March 3, 2018 at 03:22PM via Digg http://bit.ly/2I2anym

INTERNET : Root Server DDoS Attack & How MANRS Can Help

INTERNET : Root Server DDoS Attack & How MANRS Can Help

 

INTERNET : Root Server DDoS Attack & How MANRS Can Help
The Internet’s root servers sustained a Distributed Denial of Service (DDoS) attack last week that is gathering quite a bit of media attention. We once again call on all network operators to consider


implementing the actions outlined in the Mutually Agreed Norms for Routing Security (MANRS) document and signing on as supporters of the MANRS initiative.
Specifically, in this case we encourage Action #2: Prevent traffic with spoofed source IP addresses.
"Network operator implements a system that enables source address validation for at least single-homed stub customer networks, their own end-users, and infrastructure. Network operator implements anti-spoofing filtering to prevent packets with an incorrect source IP address from entering and leaving the network."
From the Root Server incident report: “On November 30, 2015 and December 1, 2015, over two separate intervals, several of the Internet Domain Name System's root name servers received a high rate of queries.” The report concludes with, “Source Address Validation and BCP-38 should be used wherever possible to reduce the ability to abuse networks to transmit spoofed source packets.”
While Source Address Validation and BCP-38 are certainly important, we believe a culture of collective responsibility is vital to maintaining the security of the Internet’s routing infrastructure. By signing onto MANRS and implementing all four Actions called for in the document, we can make progress!