[AusNOG] census issues tonight
Mark Delany
g2x at juliet.emu.st
Wed Aug 10 15:11:33 EST 2016
On 10Aug16, Paul Wilkins allegedly wrote:
> Assuming the architects have done basic due diligence
I see two unicast name servers for abs.gov.au
I see four unicast name servers for census.abs.gov.au all in the same
/24 and all (obviously) accessible via the same route. They also
accept TCP queries.
They still have absurdly large TTLs on the A RRs.
As best as I can tell, still no GSLB-like responses though they are
now blocking DNS queries from the US which will stop the most naive
DDOSes.
Seems like they haven't even thought about their DNS being a
vulnerable DDOS target yet. I would put that in basic due diligence.
> how does one DDOS an HTTPS site exactly?
Get a million bots to repeatedly establish an HTTPS connection? Embed
<img src=https://150.207.169.6/foolish.jpg> into a hijacked adsense ad
or spam email?
You only need to keep hitting it with the expensive TLS setup to kill
most servers.
> And if they're running on SoftLayer, did they really have no ability to
> scale out elastically?
I thought the SoftLayer folks had made in pretty clear they weren't
involved.
Mark.
More information about the AusNOG
mailing list