Hi
They're rather trying to prevent Spammers (and other scum) from
> abusing their DNS servers, by disabling recursion for non-trusted
> hosts.
Have a look at:
http://www.securityfocus.com/archive/1/336958/2003-09-06/2003-09-12/0
Interesting read. To summarize the rather lenghty text:
1. Spammer registers throwaway-domain, so he can spam with a
valid "From" address.
2. Spammer populates some victim's DNS cache with information
about his domain. TTL is set very high so this data will
not expire in cache.
3. Spammer changes the authoritative DNS servers of his domain
to that cache, which will then respond to requests for this
domain.
Now's the part I don't quite understand:
4. Because [someone] wants to stop this domain from working,
the DNS servers for this Domain will be attacked (DDoS,
whatever).
I know that RBL servers are quite a popular target among black
hats, but c'mon, since when do good guys (=the victims of spam)
fight back like this?
Daniel
_______________________________________________
swinog mailing list
[EMAIL PROTECTED]
http://lists.init7.net/cgi-bin/mailman/listinfo/swinog
