The Internet Storm Center (ISC) has a blog post up discussing the DOS attack against Spamhaus. They do confirm they saw traffic approaching 300Gbps against Spamhaus. They also point out that most people probably never knew.
The attack was significant, but not globally so despite the media reports to the contrary. When news of the attack reached the Internet Storm Center, we did have a brief moment of panic and contemplated resorting to cannibalism. However, we quickly decided against this option (due to a combination of calmer heads prevailing and a lack of consensus on whether people could be turned into bacon).
ISC has a lot of technical details about how to secure your DNS servers, and I strongly encourage everyone to go look and make sure their DNS servers are secure. I checked ours a few days ago. I really didn’t think they would be open; Steve gets DNS and keeps up with security so it was unlikely we had open resolvers. I looked up our resolvers anyway because a second pair of eyes on things is never a bad thing.
RSS - Posts
[…] posted an analysis from the ISC yesterday. They had some useful information about the attack and about what everyone should be doing to stop […]