© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
I'm not particularly a fan of even classifying this as a public security bug. It's not a vulnerability in Neutron in that it doesn't allow you to exploit Neutron or OpenStack in any particular way.
Amplification attacks are a result of ISPs failing to filter spoofed IP traffic. The open resolver project has taken to launching a crusade against people offering DNS lookup services exposed to the Internet; however, it won't really solve the issue in the long run because the amplification attacks can be adjusted to just leverage authoritative DNS nameservers or any other myriad of UDP-based services.
I'm for fixing this, but I don't think it should be handled under the priority of a vulnerability... /rant