Posted on Monday, July 14th, 2008 | Bookmark on del.icio.us

Internet Effects of Last Week’s DNS Patching

by Jose Nazario

We got curious to see if there was an effect from the Internet scale DNS patching going on. Our Internet statistics system suggests … no.

udp_53_inet_1wk

Internet-wide DNS traffic, 1 week

Those spikes? We are pretty sure those are massive DNS attacks.

In short, we’re not seeing a significant change in DNS traffic from before the patching to after the patching (ie as resolvers reprime their caches post restart).

UPDATE July 15 I should note where this data comes from. We’re working with more than 60 tier-1 backbone ISPs who are active participants in sharing aggregate, flow-level summaries of traffic around the world to build Internet-wide visibility into attacks and backbone traffic. This traffic is all inter-domain traffic, crossing ISP peering points. Many thanks to the engineering team who put this view together.

Related articles by Zemanta
Zemanta Pixie

This entry was posted on Monday, July 14th, 2008 at 3:59 pm and is filed under Arbor Networks, Critical Infrastructure, Interesting Research, Policy, Vulnerabilities. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses | Add your own



Comment Post by: BelchSpeak — July 15th, 2008 @ 12:40 pm EST  Reply

Can’t see the chart. Dont put it on flickr.

Comment Post by: Security4all — July 16th, 2008 @ 3:32 pm EST  Reply

That’s a completely other view then compared to here
http://www.narus.com/blog/2008/07/10/dns-fix-causes-huge-surge-in-dns-traffic-in-the-internet/

I’m a bit curious what the difference is and why? I have no hidden agenda. I’m just very curious about the difference.

Leave a Comment