[dns-operations] DNS deluge for x.p.ctrc.cc

Joe St Sauver joe at oregon.uoregon.edu
Mon Feb 27 00:46:13 UTC 2006

Paul mentioned:

## Let's call it three in four name servers on average.
#you'd better not be right about THAT.

See http://dns.measurement-factory.com/surveys/sum1.html (circa October 2005):

"There are an estimated 7.5 million external DNS servers on the public

"Over 75% domain name servers (of roughly 1.3 million sampled) allow
recursive name service to arbitrary queriers. This opens a name server
to both cache poisoning and denial of service attacks. 

"Over 40% allow zone transfers from arbitrary queriers. This exposes a
name server to denial of service attacks and gives attackers
information about internal networks."

Given the size of the sample taken, I suspect the "over 75%" estimate is
pretty trustworthy.



More information about the dns-operations mailing list