[dns-operations] RIPE-52 preso on DNS issues, author comments on Slashdot. author comments on Slashdot. author comments on Slashdot.
Duane Wessels
wessels at packet-pushers.com
Wed Apr 26 22:34:16 UTC 2006
On Wed, 26 Apr 2006, Sam Norris said:
> Great, so a CoDoNS farm could be used to ddos 'legacy' dns servers because
> most of our records are 30 seconds ttl? Someone generating a ton of queries
> to the beehive could let it take care of querying us for the rest of its
> life? That's bad.
I haven't fully investigated how persistent they are with refreshing.
I do know that in my case the repeated queries for a given name
eventually stop, either because they have some limits built in, or
because my fake DNS server returns a response that tells them the
name is no longer valid.
Duane W.
More information about the dns-operations
mailing list