The Boston Diaries

The ongoing saga of a programmer who doesn't live in Boston, nor does he even like Boston, but yet named his weblog/journal “The Boston Diaries.”

Go figure.

Thursday, January 05, 2012

An anoying attack, Part II

I'm also seriously tempted to write a program to send back a nice, custom response to these, in the hopes that the program actually cares about the response.

An annoying attack - The Boston Diaries - Captain Napalm

Yeah, about that …

I've done a bit more research and apparently my server is part of a DNS amplification attack, where some machine (or machines) somewhere on the Inernet is sending my server (along with possibly other DNS servers) a forged DNS request, in the hopes that my DNS server will do the requested DNS lookup and return the result (in this case, any DNS record for isc.org, which is known for returning rather large DNS resonses) in the hopes of denying service to the forged IP address.

And even though my server won't do the actual DNS request, it still returns a packet saying as much, so even though my server is not sending a large packet, it is returning a packet, and thus participating the the DDoS attack, however little.

So even if I did send back a bogus response, it wouldn't be directed at the guilty party.

Sigh.

So I guess the thing to do is just filter those requests at the firewall.

Obligatory Picture

[The future's so bright, I gotta wear shades]

Obligatory Contact Info

Obligatory Feeds

Obligatory Links

Obligatory Miscellaneous

You have my permission to link freely to any entry here. Go ahead, I won't bite. I promise.

The dates are the permanent links to that day's entries (or entry, if there is only one entry). The titles are the permanent links to that entry only. The format for the links are simple: Start with the base link for this site: https://boston.conman.org/, then add the date you are interested in, say 2000/08/01, so that would make the final URL:

https://boston.conman.org/2000/08/01

You can also specify the entire month by leaving off the day portion. You can even select an arbitrary portion of time.

You may also note subtle shading of the links and that's intentional: the “closer” the link is (relative to the page) the “brighter” it appears. It's an experiment in using color shading to denote the distance a link is from here. If you don't notice it, don't worry; it's not all that important.

It is assumed that every brand name, slogan, corporate name, symbol, design element, et cetera mentioned in these pages is a protected and/or trademarked entity, the sole property of its owner(s), and acknowledgement of this status is implied.

Copyright © 1999-2024 by Sean Conner. All Rights Reserved.