[dns-operations] DNS reflection useful without amplification? (was: if you're banning ANY queries, don't forget to ban SOA as well)
Roland Dobbins
rdobbins at arbor.net
Wed Sep 7 03:32:39 UTC 2016
On 7 Sep 2016, at 10:16, Shane Kerr wrote:
> After all, an attacker that can use reflection can already spoof the
> source address of their packets.
I already addressed this (heh) earlier in the thread.
> So... can you or anyone else provide any some convincing evidence for
> the utility of DNS reflection to an attacker?
It's already been explained in this thread, multiple time.
> Has anyone seen their servers be used in non-amplification DNS
> reflection attacks?
No, because amplification is 'free'. Were amplification *not* 'free',
attackers would still use reflection - that's the point.
-----------------------------------
Roland Dobbins <rdobbins at arbor.net>
More information about the dns-operations
mailing list