[dns-operations] "it's like having a pizza delivered to a friend's house as a prank."
Pierre Baume
pierre at baume.org
Thu Mar 23 18:00:27 UTC 2006
On 3/23/06, Per Heldal <heldal at eml.cc> wrote:
[...]
> And sure, spoofed traffic can be hard to detect, but this doesn't mean
> > none of it can be detected. Specially when attacks last for hours/days.
>
> This isn't about detecting random spoofed packets.
Sure, but what about when spoofing is prevented from some subnets but not
others, through incompetence or malice?
> PS: And of course, in parallel, we could fix UDP so that packets sent in
> > either direction have the same size. But that might take longer. ;-)
>
> ... besides being a joke, it also misses the fact that spoofing may be
> used just to hide the presence of bots with no amplification.
The 2 problems of spoofing and amplification are orthogonal (they do make
a nice combination). Both deserve to be fixed, IMHO. It's just a matter of
(relatively) easy wins first.
Pierre.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20060323/3ab36f60/attachment.html>
More information about the dns-operations
mailing list