[dns-operations] does anybody know why yahoo+akamai are doing this?
Ed.Lewis at neustar.biz
Thu Mar 23 19:59:34 UTC 2006
At 19:08 +0000 3/23/06, Paul Vixie wrote:
>reflection is enough. doesn't have to be amplified to be painful. the fact
>that it's from udp/53 will mean it gets through some victim rate limiters
>where an icmp reply (or other non-amplified reflective attacks) would not.
Can't the originator of the attack source the packets on 53?
(Editorial note - yeah, this has strayed quite a distance from the
original question, but I'm trying to make sure the problem is clear.)
Edward Lewis +1-571-434-5468
Nothin' more exciting than going to the printer to watch the toner drain...
More information about the dns-operations