[dns-operations] "NS .", the attack of the month?
Stephane Bortzmeyer
bortzmeyer at nic.fr
Sat Jan 24 22:45:22 UTC 2009
On Sun, Jan 25, 2009 at 08:39:27AM +1000,
Noel Butler <noel.butler at ausics.net> wrote
a message of 65 lines which said:
> iptables -A INPUT -p udp --dport 53 -m u32 --u32
> "0>>22&0x3C at 12>>16=1&&0>>22&0x3C at 20>>24=0&&0>>22&0x3C at 21=0x00020001" -j
> DROP
Cute :-) I hesitate to deploy a trick that I have trouble to
verify. Isn't it better to just follow the recommendations in
<https://www.dns-oarc.net/oarc/articles/upward-referrals-considered-harmful>?
More information about the dns-operations
mailing list