[dns-operations] DNS reflection useful without amplification?

Paul Vixie paul at redbarn.org
Thu Sep 8 05:25:15 UTC 2016



Damian Menscher wrote:
> > ...
> As I said earlier in this thread, reflection without amplification is
> nearly indistinguishable from a direct (spoofed) attack.  ...

and as i, and roland, and others have all said, the distinction is more 
notable in our experience than in your claim.

when calling NOC's looking for bumps in traffic graphs that might only 
match to one or two sigmas, a reflected attack is in practical terms 
untraceable.

i think google is so all-powerful and your network edge so all-seeing 
that you don't know how the rest of us live, or what straws we have to 
clutch.

-- 
P Vixie



More information about the dns-operations mailing list