3–5 Oct 2015
Fairmont Queen Elizabeth
US/Eastern timezone

OpenDNS; Managing DDoS Attacks

4 Oct 2015, 09:00
30m
St-Francois (Fairmont Queen Elizabeth)

St-Francois

Fairmont Queen Elizabeth

900 René-Lévesque Blvd W Montreal, QC H3B 4A5 Canada

Speaker

Mr Brian Somers (OpenDNS, FreeBSD)

Description

Open resolvers will always be a target for abuse either as an attack amplification point or as a mask of the attack source. This presentation discusses the measures that OpenDNS has put in place to ensure that their open resolvers contribute towards reducing or blocking DDoS attacks. It goes on to discuss future plans to identify limit or block DoS sources.

Summary

OpenDNS

This talk discusses OpenDNS’ four main DDoS preventative measures:

  • Rate Limiting
  • The Droplist
  • The Freezelist
  • Authoritative RTT Handling

It also explores some possible future technologies:

  • TClist
  • Freezelist Thawing
  • NXDOMAIN per-level counting
  • Whitelist Labels
Please also consider this submission for the NANOG65 DNS track Yes

Primary author

Mr Brian Somers (OpenDNS, FreeBSD)

Presentation materials