[GTER] DNS Security - Um ano depois (artigos)

Marcelo Savio marcelo_savio at optiglobe.com.br
Wed Oct 29 14:27:04 -02 2003


***********************************************************************
SANS NewsBites               October 29, 2003           Vol. 5, Num. 43
http://www.sans.org/newsletters/
***********************************************************************
-DNS Security One Year Later - 

After last year's distributed denial of service (DDoS) attack on the
Internet's 13 root servers, the server operators began deploying a
routing technique called Anycast, which "more than double[s] the number
of server farms available to handle the highest level DNS queries."
DNS inventor Paul Mockapetris says that the DNS is "more robust at the
top than it was a year ago, but the bottom layers are a little bit less
safe than they were."

http://www.nwfusion.com/news/2003/1027ddos.html
http://www.computerworld.com/printthis/2003/0,4814,86469,00.html

Paul Mockapetris Interview:
http://www.computerworld.com/printthis/2003/0,4814,86457,00.html

[Editor's Note (Pescatore): Making DNSSec and BGP improvements happen
is like trying to rescue a bunch of kittens in the middle of a busy
interstate highway - if you can't stop the traffic for a while, you
might as well admit there will be ugly splats for a long time. We are
better off building systems that assume the Internet is a low MTBF, low
MTTR environment than hoping for it to ever be very high MTBF. We
learned that about electricity a long time ago and the Internet will
never equal the electric grid in terms of MTBF.

(Paller) For those readers who are wondering: MTBF is Mean Time Between
Failures, the average interval of time that a component will operate
before failing. MTTR means Mean-Time-To-Repair, the average amount of
time needed to repair a component, recover a system, or otherwise
restore service after a failure.]

M. Savio



More information about the gter mailing list