[dns-operations] DNS deluge for x.p.ctrc.cc

Mike Damm mike at damm.info
Mon Feb 27 23:27:37 UTC 2006

On Feb 27, 2006, at 1:50 PM, Gadi Evron wrote:

> Geo. wrote:
>>> Both George and Joe are right. It is a problem. Still, solving  
>>> one and
>>> leaving another untended just because one was used as the attack  
>>> vector
>>> is silly. Are we to forever leave problem unattended?
>> Gadi,
>> I'm unclear on what you are suggesting. What problem is left  
>> unattended with
>> DNS if you cannot spoof UDP packets?
> Recursive servers. There is no reason why this can't be abused in  
> other
> means. ping -f was pretty interesting in the day.
> No?
> If we stop being mathematicians for a second trying to understand how
> everything works and making it work better, and be physicists and  
> throw
> more computing power at it (a bigger botnet) one can potentially,  
> using
> this or some other means, cause some pretty serious damage.
> Spoofing just makes this attack "pretty" and a whole lot more  
> efficient.

miked at nixon:~$ host irony.com linuxbox.org
Using domain server:
Name: linuxbox.org

irony.com has address
miked at nixon:~$



More information about the dns-operations mailing list