Post date:
Thursday, July 12, 2012 - 17:22
Description:
External DNS
SWITCH has warned us that several organizations in the Swiss community, including CERN, are being used for DNS amplification attacks. The attack asks valid queries to the DNS servers at a low rate to avoid being detected. Rate limits will be implemented next week on the external DNS servers to blacklist abusers.
Specific Service Detail:
Only a particular type of DNS query will be limited and legitimate servers don't use that type for normal resolution, so we don't expect any impact.
Reason for this intervention:
SWITCH has warned us that several organizations in the Swiss community, including CERN, are being used for DNS amplification attacks. The attack asks valid queries to the DNS servers at a low rate to avoid being detected. Rate limits will be implemented next week on the external DNS servers to blacklist abusers.
Effective from date:
Tuesday, July 17, 2012 - 09:00
End date:
Tuesday, July 17, 2012 - 09:15
Service Element Affected:
Network Infrastructure Service
Impact on service:
Service will be available but degraded
Posted by:
IT-CS
Unit responsible for resolution:
IT Department