[dns-operations] DNS deluge for x.p.ctrc.cc
Gadi Evron
ge at linuxbox.org
Mon Feb 27 23:27:50 UTC 2006
Mike Damm wrote:
>
> On Feb 27, 2006, at 1:50 PM, Gadi Evron wrote:
>
>> Geo. wrote:
>>
>>>> Both George and Joe are right. It is a problem. Still, solving one and
>>>> leaving another untended just because one was used as the attack
>>>> vector
>>>> is silly. Are we to forever leave problem unattended?
>>>
>>>
>>>
>>> Gadi,
>>>
>>> I'm unclear on what you are suggesting. What problem is left
>>> unattended with
>>> DNS if you cannot spoof UDP packets?
>>
>>
>> Recursive servers. There is no reason why this can't be abused in other
>> means. ping -f was pretty interesting in the day.
>>
>> No?
>>
>> If we stop being mathematicians for a second trying to understand how
>> everything works and making it work better, and be physicists and throw
>> more computing power at it (a bigger botnet) one can potentially, using
>> this or some other means, cause some pretty serious damage.
>>
>> Spoofing just makes this attack "pretty" and a whole lot more efficient.
>
>
> miked at nixon:~$ host irony.com linuxbox.org
> Using domain server:
> Name: linuxbox.org
> Address: 24.155.83.21#53
> Aliases:
>
> irony.com has address 24.97.85.139
> miked at nixon:~$
>
> :)
That's right. :)
More information about the dns-operations
mailing list