[dns-operations] EDNS0
bmanning at vacation.karoshi.com
Thu Mar 2 01:05:18 UTC 2006
On Wed, Mar 01, 2006 at 07:02:16AM -0600, Rob Thomas wrote:
> Hi, team.
>
> ] How is that different than amplification with recursive dns servers?
> ] (since in both cases a smaller request packet of about 40-50 bytes
> ] causes dns server to send large response up to 500 bytes to forged
> ] source ip address)
>
> One difference is that the victim would receive the response
> from one (authoritative) name server instead of from 122000
> (recursive) name servers.
>
> Thanks,
> Rob.
if i have a traffic problem, i tend to look to
rate limiting techniques - not shutting down
services. e.g. add -lots- more open recursive
dns servers and each of them being rate limited
to ~10% of first link b/w.
--bill
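
An added example, not part of the original post: a byte-based token bucket that caps a resolver's response egress at 10% of its link, run against the 45-byte query / 500-byte response sizes quoted above. The class and function names, the 10 Mbit/s link, the one-second burst allowance, and the reading of "first link b/w" as uplink bit rate are all assumptions made for illustration.

```python
class ResponseByteLimiter:
    """Token bucket counted in response bytes (hypothetical helper)."""

    def __init__(self, link_bps, fraction=0.10, burst_seconds=1.0):
        self.rate = link_bps * fraction / 8.0      # allowed bytes per second
        self.capacity = self.rate * burst_seconds  # largest burst, in bytes
        self.tokens = self.capacity
        self.last = 0.0

    def allow(self, now, response_len):
        """Return True if a response of response_len bytes may be sent at time now."""
        elapsed = max(0.0, now - self.last)
        self.tokens = min(self.capacity, self.tokens + elapsed * self.rate)
        self.last = now
        if response_len <= self.tokens:
            self.tokens -= response_len
            return True
        return False  # over budget: drop the response


def simulate(link_bps, qps, seconds, query_len=45, response_len=500):
    """Feed a constant query rate through the limiter and total the bytes.

    The traffic is constructed sample input, not a capture.
    """
    limiter = ResponseByteLimiter(link_bps)
    total = qps * seconds
    sent = sum(1 for i in range(total) if limiter.allow(i / qps, response_len))
    return {
        "query_bytes": total * query_len,
        "unlimited_response_bytes": total * response_len,
        "response_bytes": sent * response_len,
        "dropped": total - sent,
        "cap_bytes_per_sec": limiter.rate,
    }


if __name__ == "__main__":
    # 10 Mbit/s link, 1000 queries/s for 10 s: demand is 500 kB/s, budget is 125 kB/s.
    for key, value in simulate(10_000_000, 1000, 10).items():
        print(f"{key:26} {value}")
```
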