[dns-operations] DNS deluge for x.p.ctrc.cc
Mike Damm
mike at damm.info
Mon Feb 27 23:27:37 UTC 2006
On Feb 27, 2006, at 1:50 PM, Gadi Evron wrote:
> Geo. wrote:
>>> Both George and Joe are right. It is a problem. Still, solving
>>> one and
>>> leaving another untended just because one was used as the attack
>>> vector
>>> is silly. Are we to forever leave problem unattended?
>>
>>
>> Gadi,
>>
>> I'm unclear on what you are suggesting. What problem is left
>> unattended with
>> DNS if you cannot spoof UDP packets?
>
> Recursive servers. There is no reason why this can't be abused in
> other
> means. ping -f was pretty interesting in the day.
>
> No?
>
> If we stop being mathematicians for a second trying to understand how
> everything works and making it work better, and be physicists and
> throw
> more computing power at it (a bigger botnet) one can potentially,
> using
> this or some other means, cause some pretty serious damage.
>
> Spoofing just makes this attack "pretty" and a whole lot more
> efficient.
miked at nixon:~$ host irony.com linuxbox.org
Using domain server:
Name: linuxbox.org
Address: 24.155.83.21#53
Aliases:
irony.com has address 24.97.85.139
miked at nixon:~$
:)
-Mike
More information about the dns-operations
mailing list