[dns-operations] DNS deluge for x.p.ctrc.cc

Stephen Gill gillsr at cymru.com
Mon Feb 27 19:44:58 UTC 2006

> Why bother testing if its recursive if either way its going to send packets
> back to a victim?  Sure its a smaller payload but its still an attack
> vector.

In that case it would just be a standard reflective attack, virtually no
amplification.  The same could be said of just about any protocol where a
spoofed query would elicit a response (icmp, tcp, etc).  The problem to keep
in mind is the amplification effect caused by open recursive servers and the
ability to spoof requests towards them.
Steve, Team Cymru.

More information about the dns-operations mailing list