SSAC Advisory on DDoS Attacks Leveraging DNS Infrastructure (R-5)

Date IssuedDocumentReference IDCurrent Phase

  

SSAC Advisory on DDoS Attacks Leveraging DNS Infrastructure (R-5)SAC065

CLOSED



  1. Phase 1 Receive
  2. Phase 2 Understand
  3. Phase 3 Evaluate
  4. Phase 4 Implement
  5. Phase 5 Close
  6. Closed



Description:

DNS operators should put in place operational processes to ensure that their DNS software is regularly updated and communicate with their software vendors to keep abreast of latest developments. This should minimally include:

a. Audit and update operational practices as necessary to ensure that a process is in place to systematically perform DNS software updates on both an on-going and an emergency basis; and

b. Encourage DNS software vendors to implement and refine the relevant capabilities at reasonable cost in system resources.


STATUS UPDATES

DatePhaseTypeStatus Updates

 

ClosedPhase ChangeThis Advice Item is now Closed

 

Phase 5Phase UpdateThis item is directed towards DNS operators, not ICANN. ICANN acknowledges this advice, but does not believe there is any action required of ICANN at this time (other than support of promotion of this effort described in SAC065 R-1).

 

Phase 5Phase ChangeNow in Phase 5: Close

 

Phase 3Phase ChangeNow in Phase 3: Evaluate & Consider

 

Phase 2Board UpdateBoard consideration of the advice is still required. Status provided in 19 October 2016 letter from ICANN Board Chair to SSAC Chair (https://www.icann.org/en/system/files/correspondence/crocker-to-faltstrom-19oct16-en.pdf). There is outstanding work on this advice item, and it will be addressed through the BAR pilot process.

 

Phase 2Phase UpdateThank you for providing your feedback to ICANN staff's understanding of request of the advice received by the ICANN Board from the SSAC. We have updated the status of the advice Items based on the approved understanding statements. The attached document includes a list of advice items with these recent status updates, and below is a summary of the 12 items considered complete: SAC065: SSAC Advisory on DDoS Attacks Leveraging DNS Infrastructure – Recommendations 2, 3, 4, 5 and 6.

 

Phase 2AP FeedbackSSAC confirmed the understanding

 

Phase 2Board UnderstandingOur understanding of SAC065 R-5 is that it is directed towards DNS operators, not ICANN.  ICANN acknowledges this advice, but we do not believe that there is any action required of ICANN at this time (other than support of promotion of this effort described in SAC065 R-1).

 

Phase 1Phase UpdateSSAC published SAC065: SSAC Advisory on DDoS Attacks Leveraging DNS Infrastructure: https://www.icann.org/en/system/files/files/sac-065-en.pdf.