[dns-operations] Amplification attack today ?

Stephane Bortzmeyer bortzmeyer at nic.fr
Tue Mar 6 09:06:38 UTC 2007


On Mon, Mar 05, 2007 at 11:57:15PM +0100,
 Peter Dambier <peter at peter-dambier.de> wrote 
 a message of 172 lines which said:

> It is a bind config-file that queries the authoritative TLD servers
> directly without going through the root-servers, just in case you
> are blackholed or the root-servers are attacked again.

This is exactly the same as making your resolvers authoritative for
"." and downloading the root zone. Same features, same problems (see
the discussion in
http://www.circleid.com/posts/attack_internet_root_servers/).
 
> This data is provided by a group of users 

I love that. Within the ICANN system, we know who decides (the US
governement). Within this new system, it is much better: we depend on
"a group of users".




More information about the dns-operations mailing list