Hi
They're rather trying to prevent Spammers (and other scum) from
> abusing their DNS servers, by disabling recursion for non-trusted > hosts.
Have a look at: http://www.securityfocus.com/archive/1/336958/2003-09-06/2003-09-12/0
Interesting read. To summarize the rather lenghty text:
1. Spammer registers throwaway-domain, so he can spam with a valid "From" address. 2. Spammer populates some victim's DNS cache with information about his domain. TTL is set very high so this data will not expire in cache. 3. Spammer changes the authoritative DNS servers of his domain to that cache, which will then respond to requests for this domain.
Now's the part I don't quite understand:
4. Because [someone] wants to stop this domain from working, the DNS servers for this Domain will be attacked (DDoS, whatever).
I know that RBL servers are quite a popular target among black hats, but c'mon, since when do good guys (=the victims of spam) fight back like this?
Daniel
_______________________________________________ swinog mailing list [EMAIL PROTECTED] http://lists.init7.net/cgi-bin/mailman/listinfo/swinog