Fri Aug 19 07:40:19 2022
EVENTS
 FREE
SOFTWARE
INSTITUTE

POLITICS
JOBS
MEMBERS'
CORNER

MAILING
LIST

NYLXS Mailing Lists and Archives
NYLXS Members have a lot to say and share but we don't keep many secrets. Join the Hangout Mailing List and say your peice.

DATE 2013-03-01

HANGOUT

2022-08-19 | 2022-07-19 | 2022-06-19 | 2022-05-19 | 2022-04-19 | 2022-03-19 | 2022-02-19 | 2022-01-19 | 2021-12-19 | 2021-11-19 | 2021-10-19 | 2021-09-19 | 2021-08-19 | 2021-07-19 | 2021-06-19 | 2021-05-19 | 2021-04-19 | 2021-03-19 | 2021-02-19 | 2021-01-19 | 2020-12-19 | 2020-11-19 | 2020-10-19 | 2020-09-19 | 2020-08-19 | 2020-07-19 | 2020-06-19 | 2020-05-19 | 2020-04-19 | 2020-03-19 | 2020-02-19 | 2020-01-19 | 2019-12-19 | 2019-11-19 | 2019-10-19 | 2019-09-19 | 2019-08-19 | 2019-07-19 | 2019-06-19 | 2019-05-19 | 2019-04-19 | 2019-03-19 | 2019-02-19 | 2019-01-19 | 2018-12-19 | 2018-11-19 | 2018-10-19 | 2018-09-19 | 2018-08-19 | 2018-07-19 | 2018-06-19 | 2018-05-19 | 2018-04-19 | 2018-03-19 | 2018-02-19 | 2018-01-19 | 2017-12-19 | 2017-11-19 | 2017-10-19 | 2017-09-19 | 2017-08-19 | 2017-07-19 | 2017-06-19 | 2017-05-19 | 2017-04-19 | 2017-03-19 | 2017-02-19 | 2017-01-19 | 2016-12-19 | 2016-11-19 | 2016-10-19 | 2016-09-19 | 2016-08-19 | 2016-07-19 | 2016-06-19 | 2016-05-19 | 2016-04-19 | 2016-03-19 | 2016-02-19 | 2016-01-19 | 2015-12-19 | 2015-11-19 | 2015-10-19 | 2015-09-19 | 2015-08-19 | 2015-07-19 | 2015-06-19 | 2015-05-19 | 2015-04-19 | 2015-03-19 | 2015-02-19 | 2015-01-19 | 2014-12-19 | 2014-11-19 | 2014-10-19 | 2014-09-19 | 2014-08-19 | 2014-07-19 | 2014-06-19 | 2014-05-19 | 2014-04-19 | 2014-03-19 | 2014-02-19 | 2014-01-19 | 2013-12-19 | 2013-11-19 | 2013-10-19 | 2013-09-19 | 2013-08-19 | 2013-07-19 | 2013-06-19 | 2013-05-19 | 2013-04-19 | 2013-03-19 | 2013-02-19 | 2013-01-19 | 2012-12-19 | 2012-11-19 | 2012-10-19 | 2012-09-19 | 2012-08-19 | 2012-07-19 | 2012-06-19 | 2012-05-19 | 2012-04-19 | 2012-03-19 | 2012-02-19 | 2012-01-19 | 2011-12-19 | 2011-11-19 | 2011-10-19 | 2011-09-19 | 2011-08-19 | 2011-07-19 | 2011-06-19 | 2011-05-19 | 2011-04-19 | 2011-03-19 | 2011-02-19 | 2011-01-19 | 2010-12-19 | 2010-11-19 | 2010-10-19 | 2010-09-19 | 2010-08-19 | 2010-07-19 | 2010-06-19 | 2010-05-19 | 2010-04-19 | 2010-03-19 | 2010-02-19 | 2010-01-19 | 2009-12-19 | 2009-11-19 | 2009-10-19 | 2009-09-19 | 2009-08-19 | 2009-07-19 | 2009-06-19 | 2009-05-19 | 2009-04-19 | 2009-03-19 | 2009-02-19 | 2009-01-19 | 2008-12-19 | 2008-11-19 | 2008-10-19 | 2008-09-19 | 2008-08-19 | 2008-07-19 | 2008-06-19 | 2008-05-19 | 2008-04-19 | 2008-03-19 | 2008-02-19 | 2008-01-19 | 2007-12-19 | 2007-11-19 | 2007-10-19 | 2007-09-19 | 2007-08-19 | 2007-07-19 | 2007-06-19 | 2007-05-19 | 2007-04-19 | 2007-03-19 | 2007-02-19 | 2007-01-19 | 2006-12-19 | 2006-11-19 | 2006-10-19 | 2006-09-19 | 2006-08-19 | 2006-07-19 | 2006-06-19 | 2006-05-19 | 2006-04-19 | 2006-03-19 | 2006-02-19 | 2006-01-19 | 2005-12-19 | 2005-11-19 | 2005-10-19 | 2005-09-19 | 2005-08-19 | 2005-07-19 | 2005-06-19 | 2005-05-19 | 2005-04-19 | 2005-03-19 | 2005-02-19 | 2005-01-19 | 2004-12-19 | 2004-11-19 | 2004-10-19 | 2004-09-19 | 2004-08-19 | 2004-07-19 | 2004-06-19 | 2004-05-19 | 2004-04-19 | 2004-03-19 | 2004-02-19 | 2004-01-19 | 2003-12-19 | 2003-11-19 | 2003-10-19 | 2003-09-19 | 2003-08-19 | 2003-07-19 | 2003-06-19 | 2003-05-19 | 2003-04-19 | 2003-03-19 | 2003-02-19 | 2003-01-19 | 2002-12-19 | 2002-11-19 | 2002-10-19 | 2002-09-19 | 2002-08-19 | 2002-07-19 | 2002-06-19 | 2002-05-19 | 2002-04-19 | 2002-03-19 | 2002-02-19 | 2002-01-19 | 2001-12-19 | 2001-11-19 | 2001-10-19 | 2001-09-19 | 2001-08-19 | 2001-07-19 | 2001-06-19 | 2001-05-19 | 2001-04-19 | 2001-03-19 | 2001-02-19 | 2001-01-19 | 2000-12-19 | 2000-11-19 | 2000-10-19 | 2000-09-19 | 2000-08-19 | 2000-07-19 | 2000-06-19 | 2000-05-19 | 2000-04-19 | 2000-03-19 | 2000-02-19 | 2000-01-19 | 1999-12-19

Key: Value:

Key: Value:

MESSAGE
DATE 2013-03-30
FROM Ruben Safir
SUBJECT Subject: [NYLXS - HANGOUT] [rick@linuxmafia.com: Re: BIND options]
From owner-hangout-outgoing-at-mrbrklyn.com Sat Mar 30 21:01:43 2013
Return-Path:
X-Original-To: archive-at-mrbrklyn.com
Delivered-To: archive-at-mrbrklyn.com
Received: by mrbrklyn.com (Postfix)
id 3FF13161C93; Sat, 30 Mar 2013 21:01:43 -0400 (EDT)
Delivered-To: hangout-outgoing-at-mrbrklyn.com
Received: by mrbrklyn.com (Postfix, from userid 28)
id 2F3A8161C9D; Sat, 30 Mar 2013 21:01:43 -0400 (EDT)
Delivered-To: hangout-at-nylxs.com
Received: from mailbackend.panix.com (mailbackend.panix.com [166.84.1.89])
by mrbrklyn.com (Postfix) with ESMTP id 96FE6161C93
for ; Sat, 30 Mar 2013 21:01:42 -0400 (EDT)
Received: from panix2.panix.com (panix2.panix.com [166.84.1.2])
by mailbackend.panix.com (Postfix) with ESMTP id BC94634F66
for ; Sat, 30 Mar 2013 21:01:41 -0400 (EDT)
Received: by panix2.panix.com (Postfix, from userid 20529)
id AA33433C8C; Sat, 30 Mar 2013 21:01:41 -0400 (EDT)
Date: Sat, 30 Mar 2013 21:01:41 -0400
From: Ruben Safir
To: NYLXS
Subject: [NYLXS - HANGOUT] [rick-at-linuxmafia.com: Re: BIND options]
Message-ID: <20130331010141.GA24300-at-panix.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.20 (2009-06-14)
Sender: owner-hangout-at-mrbrklyn.com
Precedence: bulk
Reply-To: hangout-at-mrbrklyn.com


I wrote:

> This is from one of the include files of my BIND configuration.
> You could put it into /etc/bind/named.conf . (198.144.195.186/29
> is my public IP netblock.)

About the Spamhaus attacks: They are made possible by one majorly bad
thing and one minorly bad one.

Majorly bad: ISPs and backbone providers not bothering to do ingress
filtering at their BGP routers. Explanation: It should not be possible
to route a forged IP packet across backbones, because router operators
should reject/drop packets claiming to come from impossible IPs (that
are not valid arriving on that interface). This isn't brain-surgery
and is basic quality-control. And yet, apparently some of these guys
do only egress filtering. Bad! Stupid!

Minorly bad: People operating 'open' recursive DNS resolvers who do not
need to, and who are not ready/willing/able to do their own ingress
filtering (which is in practice feasible only to peering ISPs running
BGP), or at least rate filtering/monitoring.

Minorly bad (variant): SOHO gateways and WAPs with embedded Linux or
BSD or similar distros often have DNS forwarder software (dproxy or
Dnsmasq) that is often misconfigured to answer queries arriving on the
public-facing interface. Those queries are then forwarded to recursive
DNS resolvers as detailed in the prior paragraph.

The two of those things (major and minor) jointly permit abusing other
people recursive nameservers as attack reflectors, very efficiently
because most DNS is done using UDP hence damned near zero overhead and
no handshake checking.

In fact, it's not only an efficient form of attack but also offers
amplification via some means I do not yet fully understand where the bad
guys' 10 bytes of DNS query with a forged source IP generated 1000 bytes
of return value, or 100x amplification factor.

I'll eventually read more about the technical details of these DDoS
attacks. Unfortunately, most of what's written on the subject is
either rubbish or vague.

  1. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] back up
  2. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Korean cyberwar
  3. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] yabb
  4. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] yabb
  5. 2013-03-20 David Sugar <dyfet-at-gnutelephony.org> Re: [NYLXS - HANGOUT] yabb
  6. 2013-03-20 David Sugar <dyfet-at-gnutelephony.org> Re: [NYLXS - HANGOUT] yabb
  7. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] yabb
  8. 2013-03-20 From: "Redpill" <red.pill-at-verizon.net> RE: [NYLXS - HANGOUT] back up
  9. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] back up
  10. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] yabb
  11. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] yabb
  12. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] yabb
  13. 2013-03-20 From: "Redpill" <red.pill-at-verizon.net> RE: [NYLXS - HANGOUT] back up
  14. 2013-03-20 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] back up
  15. 2013-03-20 From: "Paul Robert Marino" <prmarino1-at-gmail.com> Re: [NYLXS - HANGOUT] back up
  16. 2013-03-20 From: "Michael L. Richardson" <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] back up
  17. 2013-03-20 From: "Michael L. Richardson" <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] back up
  18. 2013-03-21 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] back up
  19. 2013-03-21 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] back up
  20. 2013-03-21 David Sugar <dyfet-at-gnutelephony.org> Re: [NYLXS - HANGOUT] yabb
  21. 2013-03-21 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] yabb
  22. 2013-03-21 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] yabb
  23. 2013-03-22 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] yabb
  24. 2013-03-22 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] yabb
  25. 2013-03-22 Ruben <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] UEFI
  26. 2013-03-22 Ruben <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Coin Forum - up and running on YaBB
  27. 2013-03-22 Elfen Magix <elfen_magix-at-yahoo.com> Re: [NYLXS - HANGOUT] yabb
  28. 2013-03-22 Elfen Magix <elfen_magix-at-yahoo.com> Re: [NYLXS - HANGOUT] Coin Forum - up and running on YaBB
  29. 2013-03-22 Elfen Magix <elfen_magix-at-yahoo.com> Re: [NYLXS - HANGOUT] yabb
  30. 2013-03-22 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] yabb
  31. 2013-03-23 David Sugar <dyfet-at-gnutelephony.org> Re: [NYLXS - HANGOUT] yabb
  32. 2013-03-24 Paul Robert Marino <prmarino1-at-gmail.com> Subject: [NYLXS - HANGOUT] UEFI
  33. 2013-03-24 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Paul and Grand Central terminal
  34. 2013-03-25 Ruben <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] UEFI
  35. 2013-03-25 From: "Paul Robert Marino" <prmarino1-at-gmail.com> Re: [NYLXS - HANGOUT] UEFI
  36. 2013-03-25 mayer ilovitz <mayeri-at-mindspring.com> Re: [NYLXS - HANGOUT] UEFI
  37. 2013-03-28 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [SECURE1-at-cablevision.com: case # 157902]
  38. 2013-03-28 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [SECURE1-at-cablevision.com: case # 157902]
  39. 2013-03-28 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] [SECURE1-at-cablevision.com: case # 157902]
  40. 2013-03-28 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] [SECURE1-at-cablevision.com: case # 157902]
  41. 2013-03-28 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] [SECURE1-at-cablevision.com: case # 157902]
  42. 2013-03-28 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] bitcoins
  43. 2013-03-28 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] [SECURE1-at-cablevision.com: case # 157902]
  44. 2013-03-28 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] bitcoins
  45. 2013-03-28 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [info-at-rxinsider411.com: ICS Prescription Formulary Coverage Change]
  46. 2013-03-29 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Stan Lee is not quite dead yet
  47. 2013-03-29 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] The NY Times and Egyptian Gold easy to find now
  48. 2013-03-29 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] The NY Times and Egyptian Gold easy to find
  49. 2013-03-29 David Sugar <dyfet-at-gnutelephony.org> Re: [NYLXS - HANGOUT] The NY Times and Egyptian Gold easy to find now
  50. 2013-03-30 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [rick-at-linuxmafia.com: Re: BIND options]
  51. 2013-03-30 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [rick-at-linuxmafia.com: More observations about the DNS-based DDoS]
  52. 2013-03-30 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [ruben-at-mrbrklyn.com: Re: BIND options]
  53. 2013-03-30 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] The NY Times and Egyptian Gold easy to find
  54. 2013-03-30 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] The NY Times and Egyptian Gold easy to find

NYLXS are Do'ers and the first step of Doing is Joining! Join NYLXS and make a difference in your community today!