3-5 October 2015
Fairmont Queen Elizabeth
US/Eastern timezone
Home > Timetable > Session details > Contribution details


Fairmont Queen Elizabeth - St-Francois

OpenDNS; Managing DDoS Attacks


  • Mr. Brian SOMERS

Primary authors

Abstract content

Open resolvers will always be a target for abuse either as an attack amplification point or as a mask of the attack source. This presentation discusses the measures that OpenDNS has put in place to ensure that their open resolvers contribute towards reducing or blocking DDoS attacks. It goes on to discuss future plans to identify limit or block DoS sources.



This talk discusses OpenDNS’ four main DDoS preventative measures:

  • Rate Limiting
  • The Droplist
  • The Freezelist
  • Authoritative RTT Handling

It also explores some possible future technologies:

  • TClist
  • Freezelist Thawing
  • NXDOMAIN per-level counting
  • Whitelist Labels

Please also consider this submission for the NANOG65 DNS track