[dns-operations] does it matter when nameserver recs have non-matching PTRs ?

Roland Dobbins rdobbins at arbor.net
Sat Aug 1 18:33:58 UTC 2015

On 2 Aug 2015, at 0:03, Mark Jeftovic wrote:

> DNS ops for ns1.example.com change it's IP to route queries to another 
> location, say: ddos1.example.com

The attack will just follow it to the new IP address and pummel *that*.  
Sometimes automagically due to automation in the attack tools, sometimes 
after a delay when the attacker checks manually.

Moving IP addresses around hasn't been a valid DDoS defense tactic for 
about 15 years, now.

Roland Dobbins <rdobbins at arbor.net>

More information about the dns-operations mailing list