[dns-operations] How many kinds of DNS DoS attacks are we trying to stop ?

Stephane Bortzmeyer bortzmeyer at nic.fr
Thu Sep 27 20:18:01 UTC 2012

On Thu, Sep 27, 2012 at 01:19:53PM -0400,
 Phil Pennock <dnsop+phil at spodhuis.org> wrote 
 a message of 69 lines which said:

> Experiment to see if OS fingerprinting yields useful signal on DNS
> UDP queries (I suspect not?).

I'm not an expert in OS fingerprinting but, judging from the traffic
of today's fingerprinting tools (I tried with nmap), it takes tenths
of packets exchanged with the target to get an idea of the OS it
uses. I don't think that one only UDP packet coming in cannot yield
anything interesting.

More information about the dns-operations mailing list