[dns-operations] "it's like having a pizza delivered to a friend's house as a prank."
pierre at baume.org
Thu Mar 23 18:00:27 UTC 2006
On 3/23/06, Per Heldal <heldal at eml.cc> wrote:
> And sure, spoofed traffic can be hard to detect, but this doesn't mean
> > none of it can be detected. Specially when attacks last for hours/days.
> This isn't about detecting random spoofed packets.
Sure, but what about when spoofing is prevented from some subnets but not
others, through incompetence or malice?
> PS: And of course, in parallel, we could fix UDP so that packets sent in
> > either direction have the same size. But that might take longer. ;-)
> ... besides being a joke, it also misses the fact that spoofing may be
> used just to hide the presence of bots with no amplification.
The 2 problems of spoofing and amplification are orthogonal (they do make
a nice combination). Both deserve to be fixed, IMHO. It's just a matter of
(relatively) easy wins first.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dns-operations