[nsp-sec] High DNS load in germany
Scott A. McIntyre
scott at xs4all.net
Thu Jan 7 13:54:22 EST 2010
Hi Peter,
> During the last days, there are a lot of reports, that serveral german ISPs
> have massiv problems with their DNS systems.
> Major outages were reportet (eg. 1und1, InterntX, schlund,)
> example: http://www.h-online.com/security/news/item/Attack-on-InterNetX-s-DNS-servers-898190.html
>
> Since yesterday we also monitor a 500% increase of traffic
Whilst we have not had massive problems, some of our DNS blacklist mirror boxes have been showing an unusual amount of activity. I don't know if this is related to what folks there are seeing, but, coupled with a considerable increase in spam levels here, we've pretty sure the load is at least, in part, generated from the blacklist queries that we're performing against our own infrastructure.
Sadly, my Arbor box which was observing my DNS for me died and won't come back to life, so I don't have any way to look at actual packets. If that changes, I'll be sure to follow-up.
Just adding a data point,
Scott A. McIntyre
XS4ALL Internet B.V.
More information about the nsp-security
mailing list