I have a block of static IPs through my DSL provider, and these host all of my online infrastructure (because you effectively have no security at all when you give up physical control of your servers). This is a one-person operation, at the outer fringe of the grid.
I recently discovered that my DNS services have been suffering a water torture attack, occasionally resulting in congestion that makes the connection virtually unusable. I think I know who is doing this and why, but that's immaterial to this post, as I don't expect anyone (including law enforcement) to do anything substantial to help resolve that situation.
Everything that I can find in my quick search of literature on the subject talks about these sorts of attacks using randomly generated non-existent subdomains (e.g. <hash>.<hash>.<hash>.example.com), but I suspect this pattern of abuse has been mitigated by ISPs and backbone operators? Instead, I am seeing my server answering queries for endless capitalization permutations of the names that actually exist: example.com, eXamPle.com, ExAmple.COM, and so on.
Can anyone link me to current reference material describing this variation of DDoS attack? What is my best plan for mitigating this kind of attack?
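
One way to measure the pattern described above from a query log, as an added example that is not part of the original post: it folds each query name to lower case (DNS names compare case-insensitively, so every capitalization reaches the same record) and counts, per source address, distinct spellings of existing names versus distinct nonexistent names. The log format, zone contents and thresholds are assumptions for illustration; resolvers that randomize query case as an anti-spoofing measure also send mixed-case names, so the per-source counts are an input to rate limiting rather than proof of abuse.

```python
from collections import defaultdict

# Constructed sample query log (hypothetical format: time, client IP, qname, qtype).
SAMPLE_LOG = """\
12:00:01 192.0.2.10 example.com A
12:00:01 192.0.2.10 eXamPle.com A
12:00:02 192.0.2.10 ExAmple.COM A
12:00:02 192.0.2.10 EXAMPLE.com A
12:00:03 198.51.100.7 www.example.com A
12:00:04 198.51.100.7 www.example.com AAAA
12:00:05 203.0.113.5 a9f3.77bc.example.com A
12:00:05 203.0.113.5 c01d.e2aa.example.com A
12:00:06 203.0.113.5 41ff.09be.example.com A
"""
# Names that really exist in the zone (assumed for this example).
ZONE_NAMES = {"example.com", "www.example.com"}

def parse(log):
    """Yield (client, qname, qtype) for each well-formed log line."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4:
            yield parts[1], parts[2].rstrip("."), parts[3]

def summarize(log, zone_names=ZONE_NAMES):
    """Per client: spellings seen for each existing name, and nonexistent names asked for."""
    stats = defaultdict(lambda: {"spellings": defaultdict(set), "nonexistent": set()})
    for client, qname, _qtype in parse(log):
        folded = qname.lower()  # case-insensitive comparison, as the server does
        entry = stats[client]
        if folded in zone_names:
            entry["spellings"][folded].add(qname)  # keep the spelling as sent
        else:
            entry["nonexistent"].add(folded)
    return stats

def classify(log, min_variants=3, min_nonexistent=3):
    """Label each client by the query pattern it shows (thresholds are illustrative)."""
    verdicts = {}
    for client, entry in summarize(log).items():
        variants = max((len(v) for v in entry["spellings"].values()), default=0)
        if variants >= min_variants:
            verdicts[client] = "case-permutation"
        elif len(entry["nonexistent"]) >= min_nonexistent:
            verdicts[client] = "random-subdomain"
        else:
            verdicts[client] = "normal"
    return verdicts
```
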