Donate
Root Server DDoS Attack & How MANRS Can Help Thumbnail
‹ Back
Building Trust 10 December 2015

Root Server DDoS Attack & How MANRS Can Help

Megan Kruse
By Megan KruseDirector, Partner Engagement and Communications

The Internet’s root servers sustained a Distributed Denial of Service (DDoS) attack last week that is gathering quite a bit of media attention. We once again call on all network operators to consider implementing the actions outlined in the Mutually Agreed Norms for Routing Security (MANRS) document and signing on as supporters of the MANRS initiative.

Specifically, in this case we encourage Action #2: Prevent traffic with spoofed source IP addresses.

“Network operator implements a system that enables source address validation for at least single-homed stub customer networks, their own end-users, and infrastructure. Network operator implements anti-spoofing filtering to prevent packets with an incorrect source IP address from entering and leaving the network.”

From the Root Server incident report: “On November 30, 2015 and December 1, 2015, over two separate intervals, several of the Internet Domain Name System’s root name servers received a high rate of queries.” The report concludes with, “Source Address Validation and BCP-38 should be used wherever possible to reduce the ability to abuse networks to transmit spoofed source packets.”

While Source Address Validation and BCP-38 are certainly important, we believe a culture of collective responsibility is vital to maintaining the security of the Internet’s routing infrastructure. By signing onto MANRS and implementing all four Actions called for in the document, we can make progress!

[This post first appeared on the Routing Resilience Manifesto blog at https://www.routingmanifesto.org/2015/12/root-server-ddos-attack-how-manrs-can-help/.]

[Photo Credit: iStock]
‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

ION Cape Town: Mind Your MANRS
Deploy36012 November 2015

ION Cape Town: Mind Your MANRS

This week we're highlighting some of the topics that were covered during ION Cape Town a couple of months back. This was...

Another BGP Hijacking Event Highlights the Importance of MANRS and Routing Security
Another BGP Hijacking Event Highlights the Importance of MANRS and Routing Security
Mutually Agreed Norms for Routing Security (MANRS)25 April 2018

Another BGP Hijacking Event Highlights the Importance of MANRS and Routing Security

Another BGP hijacking event is in the news today. This time, the event is affecting the Ethereum cryptocurrency. (Read more...

New Video Explains Routing Security and How MANRS Can Help
New Video Explains Routing Security and How MANRS Can Help
Mutually Agreed Norms for Routing Security (MANRS)14 June 2018

New Video Explains Routing Security and How MANRS Can Help

Routing security can be a difficult topic to explain. It’s technical. It’s filled with industry jargon and acronyms. It’s, well,...

Join the conversation with Internet Society members around the world