[dns-operations] Fwd: [AusNOG] Layer 7 - Distrusted Source (within a single AS) Distrusted Distention - Denial of Service Attack
Roland Dobbins
rdobbins at arbor.net
Tue Oct 15 09:04:03 UTC 2013
Damian Menscher <damian at google.com> wrote:
>I'm curious if anyone knows the significance of that 7-byte string?
Absent any information to the contrary, my guess it's the sort of nonsensical padding we often see with synthetically-generated attack traffic, like the weird, malformed DNS semi-queries the attackers generated as the main volumetric component of the 'Operation Ababil' attacks (and targeted at Web servers, go figure).
If anyone has a more cogent explanation, I'd be grateful for clue, thanks!
---------------------------------------
Roland Dobbins <rdobbins at arbor.net>
More information about the dns-operations
mailing list