[DNSOP] Fwd: I-D Action:draft-ietf-dnsop-as112-under-attack-help-help-04.txt
Joe Abley <jabley@hopcount.ca> Mon, 02 August 2010 15:52 UTC
Return-Path: <jabley@hopcount.ca>
X-Original-To: dnsop@core3.amsl.com
Delivered-To: dnsop@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1E3103A698B for <dnsop@core3.amsl.com>; Mon, 2 Aug 2010 08:52:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8DoIRCWxL+Pw for <dnsop@core3.amsl.com>; Mon, 2 Aug 2010 08:51:57 -0700 (PDT)
Received: from monster.hopcount.ca (monster.hopcount.ca [216.235.14.38]) by core3.amsl.com (Postfix) with ESMTP id 84D243A6936 for <dnsop@ietf.org>; Mon, 2 Aug 2010 08:51:57 -0700 (PDT)
Received: from [199.212.90.17] (helo=dh17.r2.owls.hopcount.ca) by monster.hopcount.ca with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.71 (FreeBSD)) (envelope-from <jabley@hopcount.ca>) id 1OfxJ8-0006eC-0I; Mon, 02 Aug 2010 15:52:14 +0000
From: Joe Abley <jabley@hopcount.ca>
Mime-Version: 1.0 (Apple Message framework v1081)
Content-Type: multipart/mixed; boundary="Apple-Mail-9--338069108"
Date: Mon, 02 Aug 2010 11:52:05 -0400
References: <20100729130002.5634028C1A6@core3.amsl.com>
To: dnsop-chairs@tools.ietf.org
Message-Id: <D22CFF3F-5856-45F2-ABEE-9009B0E3866D@hopcount.ca>
X-Mailer: Apple Mail (2.1081)
X-SA-Exim-Connect-IP: 199.212.90.17
X-SA-Exim-Mail-From: jabley@hopcount.ca
X-SA-Exim-Scanned: No (on monster.hopcount.ca); SAEximRunCond expanded to false
Cc: "dnsop@ietf.org WG" <dnsop@ietf.org>
Subject: [DNSOP] Fwd: I-D Action:draft-ietf-dnsop-as112-under-attack-help-help-04.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Aug 2010 15:52:09 -0000
Hi Peter, Stephen, An earlier version of this document passed working-group last call. This document has some minor changes as described in Appendix A that the authors believe are non-substantive. The authors are of the opinion that this document is ready to be written up and sent to the IESG. Thanks, Joe Begin forwarded message: > From: Internet-Drafts@ietf.org > Date: 29 July 2010 09:00:02 EDT > To: i-d-announce@ietf.org > Cc: dnsop@ietf.org > Subject: [DNSOP] I-D Action:draft-ietf-dnsop-as112-under-attack-help-help-04.txt > list-id: IETF DNSOP WG mailing list <dnsop.ietf.org> > > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the Domain Name System Operations Working Group of the IETF. > > > Title : I'm Being Attacked by PRISONER.IANA.ORG! > Author(s) : J. Abley, W. Maton > Filename : draft-ietf-dnsop-as112-under-attack-help-help-04.txt > Pages : 15 > Date : 2010-07-29 > > Many sites connected to the Internet make use of IPv4 addresses which > are not globally unique. Examples are the addresses designated in > RFC1918 for private use within individual sites. > > Hosts should never normally send DNS reverse mapping queries for > those addresses on the public Internet. However, such queries are > frequently observed. Authoritative servers are deployed to provide > authoritative answers to such queries as part of a loosely- > coordinated effort known as the AS112 project. > > Since queries sent to AS112 servers are usually not intentional, the > replies received back from those servers are typically unexpected. > Unexpected inbound traffic can trigger alarms on intrusion detection > systems and firewalls, and operators of such systems often mistakenly > believe that they are being attacked. > > This document provides background information and technical advice to > those firewall operators. > > A URL for this Internet-Draft is: > http://www.ietf.org/internet-drafts/draft-ietf-dnsop-as112-under-attack-help-help-04.txt > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > Below is the data which will enable a MIME compliant mail reader > implementation to automatically retrieve the ASCII version of the > Internet-Draft.
> _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop
- [DNSOP] I-D Action:draft-ietf-dnsop-as112-under-a… Internet-Drafts
- [DNSOP] Fwd: I-D Action:draft-ietf-dnsop-as112-un… Joe Abley
- Re: [DNSOP] Fwd: I-D Action:draft-ietf-dnsop-as11… Peter Koch
- Re: [DNSOP] I-D Action:draft-ietf-dnsop-as112-und… Joe Abley