[dns-operations] DNS deluge for x.p.ctrc.cc
Stephen Gill
gillsr at cymru.com
Mon Feb 27 19:44:58 UTC 2006
> Why bother testing if its recursive if either way its going to send packets
> back to a victim? Sure its a smaller payload but its still an attack
> vector.
In that case it would just be a standard reflective attack, virtually no
amplification. The same could be said of just about any protocol where a
spoofed query would elicit a response (icmp, tcp, etc). The problem to keep
in mind is the amplification effect caused by open recursive servers and the
ability to spoof requests towards them.
--
Cheers,
Steve, Team Cymru.
http://www.cymru.com
More information about the dns-operations
mailing list