: [Full-disclosure] Re: recursive DNS servers DDoS as a
growing DDoSproblem
In the scenario you describe, I cannot see any actual amplification...
I'll give you a senario where you can see.
lets say you have 2 name servers that are local to you.
I setup a domain, example.com. In this domain I
--On den 8 mars 2006 14.58.20 -0500 gboyce [EMAIL PROTECTED] wrote:
On Wed, 8 Mar 2006, Security Lists wrote:
Sorry, I don't see this as amplification in your example, because YOUR
dns servers are 100% of the traffic. 1:1 ratio.
Once the first request to the nameservers is made, the
In the scenario you describe, I cannot see any actual amplification...
I'll give you a senario where you can see.
lets say you have 2 name servers that are local to you.
I setup a domain, example.com. In this domain I create a text record which is
100K in length, I don't know, perhaps I paste
Sorry, I don't see this as amplification in your example, because YOUR
dns servers are 100% of the traffic. 1:1 ratio.
Now, if you get the world to cache your text records, and have THEM
flood with source-spoofed UDP (unrelated to the victim's DNS servers),
that'd work, and is actually a
On Wed, 8 Mar 2006, Security Lists wrote:
Sorry, I don't see this as amplification in your example, because YOUR dns
servers are 100% of the traffic. 1:1 ratio.
Once the first request to the nameservers is made, the object should be
cached by the nameservers. Instead of one packet to each