[dns-operations] Statistics from Austria
Frederico A C Neves
fneves at registro.br
Tue Jul 29 08:53:28 UTC 2008
On Tue, Jul 29, 2008 at 10:33:29AM +0200, bert hubert wrote:
> On Tue, Jul 29, 2008 at 12:54:55AM +0100, Ray.Bellis at nominet.org.uk wrote:
> > > If you take these into account, that might be a large quantity of
> > > spotted nodes.
> >
> > Most residential CPE don't have resolvers, they have DNS proxies (of
> > varying quality).
>
> While this is true, anybody doing DNS queries over UDP using a static source
> port is at risk. A full resolver serving a million users is of course a
> bigger bounty than a domestic router serving a single home.
I suppose on proxies the odds of success of this attack are quite low
based on the absence of the cache to poison. A proxy in this situation
works kind of like a stateful firewall for DNS packets.
Fred
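
Added example, not part of the original post or thread: the "static source port" condition discussed above can be checked defensively from the source ports seen in a resolver's or proxy's outgoing UDP queries. The function names, thresholds, host addresses and port values are assumptions constructed for illustration.

```python
import math
from collections import Counter

def port_stats(ports):
    """Summarise the UDP source ports of one host's outgoing DNS queries."""
    if len(ports) < 2:
        raise ValueError("need at least two observed queries")
    n = len(ports)
    # Step between consecutive queries' ports, wrapping at 16 bits.
    deltas = [(b - a) % 65536 for a, b in zip(ports, ports[1:])]
    small_steps = sum(1 for d in deltas if 0 < d <= 16) / len(deltas)
    counts = Counter(ports)
    # Sample entropy is capped at log2(n), so it can only flag predictable
    # behaviour; a short capture cannot prove the ports are random.
    entropy = -sum(c / n * math.log2(c / n) for c in counts.values())
    return {"distinct": len(counts), "small_steps": small_steps,
            "entropy_bits": entropy}

def classify(ports):
    """Label one host's source-port behaviour (thresholds are assumed)."""
    s = port_stats(ports)
    if s["distinct"] == 1:
        return "static"            # every query left from the same port
    if s["small_steps"] >= 0.9:
        return "incrementing"      # next port is guessable from the last
    if s["distinct"] < len(ports) / 2:
        return "low-variety"       # small pool of reused ports
    return "varied"

def audit(by_host):
    """Map each observed host to its source-port label."""
    return {host: classify(ports) for host, ports in by_host.items()}

# Constructed sample: source ports per querying host, in capture order.
SAMPLE = {
    "192.0.2.10": [32768] * 8,
    "192.0.2.20": list(range(1025, 1033)),
    "192.0.2.30": [4000, 4000, 9000, 9000, 4000, 9000, 4000, 4000],
    "192.0.2.40": [49213, 1187, 60022, 33871, 20456, 58110, 7643, 41999],
}

if __name__ == "__main__":
    for host, verdict in audit(SAMPLE).items():
        print(host, verdict)
```
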