[dns-operations] Weird TXT record
Stephane Bortzmeyer
bortzmeyer at nic.fr
Wed Jun 22 07:08:14 UTC 2011
On Wed, Jun 22, 2011 at 06:20:34AM +0000,
Dobbins, Roland <rdobbins at arbor.net> wrote
a message of 22 lines which said:
> This technique is quite popular today - the largest DDoS attacks we
> see are DNS reflection/amplification attacks, and DNSSEC deployment
> has made it far easier to elicit a large answer for the
> amplification part.
Any public numbers about the relative importance of "DNSSEC query on a
signed domain" vs. "a big TXT", in amplification attacks? When you say
"DNSSEC deployment has made it far easier", do you refer to a
theoretical analysis or to a real phenomenon seen in the wild?
More information about the dns-operations
mailing list