[dns-operations] does anybody know why yahoo+akamai are doing this?

Edward Lewis Ed.Lewis at neustar.biz
Thu Mar 23 19:59:34 UTC 2006

At 19:08 +0000 3/23/06, Paul Vixie wrote:

>reflection is enough.  doesn't have to be amplified to be painful.  the fact
>that it's from udp/53 will mean it gets through some victim rate limiters
>where an icmp reply (or other non-amplified reflective attacks) would not.

Can't the originator of the attack source the packets on 53?

(Editorial note - yeah, this has strayed quite a distance from the 
original question, but I'm trying to make sure the problem is clear.)

Edward Lewis                                                +1-571-434-5468

Nothin' more exciting than going to the printer to watch the toner drain...

More information about the dns-operations mailing list