[dns-operations] Amplification attack today ?

Pete Ehlke pde at rfc822.net
Mon Mar 5 16:04:25 UTC 2007


On Mon Mar 05, 2007 at 12:58:24 +0100, Peter Dambier wrote:
>
>At the pirates party and especialy at ARL (A)ssociation des (R)acines (L)ibres
>we are testing an /etc/named.conf that works without rootservers. We need no
>root-servers.net and no alternatives.
>
>named.conf looks something like
>
>...
>
>zone "de" {
>type stub;
>file "stub/de";
>masters { 193.0.7.3; 194.246.96.1; 208.48.81.43; 194.246.96.1; 81.91.164.5 };
>};
>
>zone "pirates" {
>type stub;
>file "stub/pirates";
>masters { 88.198.56.107; 205.189.71.34; };
>};
>
>zone "ewe" {
>type stub;
>file "stub/ewe";
>masters { 71.132.98.41; 64.62.206.88; 64.62.206.91; };
>};
>
>...
>
>The file can be send monthly on cdrom or
>weekly via email.
>
And the difference between distributing this and distributing hosts.txt
is exactly what? 

And my reasons to trust you not to

zone "bankofamerica.com" {
  type stub;
  file "stub/bofa.com";
  masters {71.132.98.41;};
}

are exactly what?

Or should I read your .conf every time it comes out and decide what
delegations I personally agree with?



More information about the dns-operations mailing list