Am Sonntag, den 10.06.2012, 00:37 +0000 schrieb Stuart Henderson: > On 2012-06-09, Kostas Zorbadelos <kzo...@otenet.gr> wrote: > > I am interested to hear possible solutions in other layers as well. > > http://fanf.livejournal.com/122111.html seems a nice approach...
This seems to work nicely if the attacker spoofs random addresses or if the real target is not the DNS server but the endpoint receiving its replies (therefore the term "amplification attack"). In Kostas's case it appears the attacker spoofs legit client addresses, which means rate limiting would likely cut off these clients. Rudi
