4-5 February 2021
UTC timezone
Webinar doors will open at 15:45 UTC. The first session will start promptly at 16:00 UTC.

OARC Members Only Session: Vulnerability Disclosure (DDoS)

5 Feb 2021, 18:30


Giovane Moura (SIDN Labs/TU Delft)


In this talk, we will disclose to OARC-members only a vulnerability that can be exploited to carry large DoS attacks against authoritative servers. It is not a theoretical threat, although it does not seem to have been yet exploited in full scale — not that we are aware.

We have already notified pertinent parties that are vulnerable to this threat — and they are working to fix it.

In the meantime, we want to notify authoritative server operators of how they can protect themselves. We will release accompanying source code to help in this process.

Primary author

Giovane Moura (SIDN Labs/TU Delft)


John Heidemann (USC/Information Sciences Institute) Mr Sebastian Castro (InternetNZ) Wes Hardaker (USC/ISI)

Presentation Materials

There are no materials yet.