[dns-operations] RIPE-52 preso on DNS issues, author comments on Slashdot. author comments on Slashdot. author comments on Slashdot.
Sam at ChangeIP.com
Wed Apr 26 19:47:59 UTC 2006
Great, so a CoDoNS farm could be used to ddos 'legacy' dns servers because
most of our records are 30 seconds ttl? Someone generating a ton of queries
to the beehive could let it take care of querying us for the rest of its
life? That's bad.
----- Original Message -----
From: "Duane Wessels" <wessels at packet-pushers.com>
To: <dns-operations at lists.oarci.net>
Sent: 04/26/2006 12:40 PM
Subject: [Spam] [SpamSA] Re: [dns-operations] RIPE-52 preso on DNS issues,
author comments on Slashdot. author comments on Slashdot. author comments on
>> So does anyone have any feelings/thoughts, etc about CoDoNS?
> Unfortunatley I don't have anything of substance to say on its
> architecture. But I did notice something interesting about the
> CoDoNS server: It automatically refreshes expired cache entries.
> So say, for example, you have a lot of names in your zone with very
> short TTLs, and you manage to get those names into CoDoNS caches.
> You'll get repeated queries when the TTL expires, even if no users
> request them.
> In my case I'm sending probes to test for open resolvers. Each
> probe has a unique name (e.g. 21d76597bde465c1.test.$myzone)
> and a 60-second TTL. I'm seeing a lot of repeats from places
> that fpdns calls Beehive CoDoNS.
> Duane W.
> dns-operations mailing list
> dns-operations at lists.oarci.net
More information about the dns-operations