[dns-operations] responding to spoofed ANY queries
drc at virtualized.org
Sun Jan 13 01:29:15 UTC 2013
On Jan 12, 2013, at 4:51 PM, Paul Vixie <paul at redbarn.org> wrote:
> in that having only spoofing and not amplification would mean there would be a smaller problem, it's less true.
In a world of million-zombie botnets, amplification is merely icing on the cake.
> the internet is extra-legal because it is extra-national.
While I would agree that national laws do not apply outside of national boundaries (Predator drones not withstanding), pragmatically speaking, in the face of a massive infrastructure outage caused by an attack facilitated by spoofed addresses, I suspect the distinction you are making isn't going to be made by lawmakers.
More to the point, I suspect such nationally-based laws would actually have a positive impact: it would force spoofing to move from domestic circuits to international circuits where the situation is slightly different.
However, I don't think this is really all that related to dns-operations...
More information about the dns-operations