[dns-operations] a paper on resisting spoofed traffic at dns servers
paul at vix.com
Tue Apr 4 14:18:09 UTC 2006
at http://www.ecsl.cs.sunysb.edu/~fanglu/dos_dns2.pdf we see
The general strategy to ascertain the source of a DNS request is to send
a cookie to the requesting host after receiving the first full request,
and require the requesting client to attach the cookie to all subsequent
while i consider this whacky and inpractical, the paper does begin with a
useful overview of the problem space, and it's well written.
thanks to gadi evron for sharing this URL.
More information about the dns-operations