SSAC Advisory on DDoS Attacks Leveraging DNS Infrastructure (R-6)
| Date Issued | Document | Reference ID | Current Phase |
|---|---|---|---|
| SSAC Advisory on DDoS Attacks Leveraging DNS Infrastructure (R-6) | SAC065 | CLOSED |
Description:
Manufacturers and/or configurators of customer premise networking equipment, including home networking equipment, should take immediate steps to secure these devices and ensure that they are field upgradable when new software is available to fix security vulnerabilities, and aggressively replacing the installed base of non-upgradeable devices with upgradeable devices. This minimally involves:
a. Ensuring that the default configuration on these devices does not implement an unmanaged open recursive DNS resolver;
b. Providing updates and patches for their equipment to keep the installed base of networking equipment up-to-date to address current security threats, or as a necessary alternative replacing non-updatable equipment with appropriately configured devices;
c. Ensuring that large-scale participants in purchasing of customer premise networking equipment (e.g., ISPs, government procurement, large enterprises) insist that networking equipment meet the standards discussed in this document.
STATUS UPDATES
| Date | Phase | Type | Status Updates |
|---|---|---|---|
| Closed | Phase Change | This Advice Item is now Closed |
| Phase 5 | Phase Update | This item is directed towards manufacturers and/or configurators of networking equipment, not ICANN. ICANN acknowledges this advice, but does not believe there is any action required of ICANN at this time. |
| Phase 5 | Phase Change | Now in Phase 5: Close |
| Phase 3 | Phase Change | Now in Phase 3: Evaluate & Consider |
| Phase 2 | Board Update | Board consideration of the advice is still required. Status provided in 19 October 2016 letter from ICANN Board Chair to SSAC Chair (https://www.icann.org/en/system/files/correspondence/crocker-to-faltstrom-19oct16-en.pdf). There is outstanding work on this advice item, and it will be addressed through the BAR pilot process. |
| Phase 2 | Phase Update | Thank you for providing your feedback to ICANN staff's understanding of request of the advice received by the ICANN Board from the SSAC. We have updated the status of the advice Items based on the approved understanding statements. The attached document includes a list of advice items with these recent status updates, and below is a summary of the 12 items considered complete: SAC065: SSAC Advisory on DDoS Attacks Leveraging DNS Infrastructure – Recommendations 2, 3, 4, 5 and 6. |
| Phase 2 | AP Feedback | SSAC confirmed the understanding. |
| Phase 2 | Board Understanding | Our understanding of SAC065 R-6 is that it is directed towards manufacturers and/or configurators of networking equipment, not ICANN. ICANN acknowledges this advice, but we do not believe that there is any action required of ICANN at this time. |
| Phase 1 | Phase Update | SSAC published SAC065: SSAC Advisory on DDoS Attacks Leveraging DNS Infrastructure: https://www.icann.org/en/system/files/files/sac-065-en.pdf. |
