[dns-operations] DNS deluge for x.p.ctrc.cc
Joe St Sauver
joe at oregon.uoregon.edu
Mon Feb 27 00:46:13 UTC 2006
Paul mentioned:
## Let's call it three in four name servers on average.
#
#<wince>
#
#you'd better not be right about THAT.
See http://dns.measurement-factory.com/surveys/sum1.html (circa October 2005):
"There are an estimated 7.5 million external DNS servers on the public
Internet
"Over 75% domain name servers (of roughly 1.3 million sampled) allow
recursive name service to arbitrary queriers. This opens a name server
to both cache poisoning and denial of service attacks.
"Over 40% allow zone transfers from arbitrary queriers. This exposes a
name server to denial of service attacks and gives attackers
information about internal networks."
Given the size of the sample taken, I suspect the "over 75%" estimate is
pretty trustworthy.
Regards,
Joe
More information about the dns-operations
mailing list