[dns-operations] Force TCP for external quereis to Open Resolvers?
Jim Reid
jim at rfc1035.com
Sun Mar 31 16:23:26 UTC 2013
On 31 Mar 2013, at 17:09, Vernon Schryver <vjs at rhyolite.com> wrote:
> What's the profit for the bad guy in spending 10 bps of botnet
> bandwidth to reflect 9 bps at the target?
Having the reflected traffic appear to come from trusted name servers instead of his botnet perhaps? Though since the botnet almost certainly won't implement BCP38, I suppose the bad guy could put bogus source addresses in the outgoing packets anyway,
More information about the dns-operations
mailing list