[dns-operations] How Stack Overflow plans to survive the next DNS attack
edmonds at mycre.ws
Wed Jan 11 21:06:48 UTC 2017
Paul Vixie wrote:
> actually it is, it's just not well documented. given $wrong and $right, where $wrong > $right using serial-number arithmetic as defined for TCP sequence numbers, you do this:
> step 1: set serial = $wrong + 0x7fffffff, send notify, observe transfer
> step 2: set serial = $right, send notify, observe transfer
> obviously this depends on $wrong - $right < 0x80000000, but that's usually the case. if it's not, then more steps or different offsets may be needed in "step 1" above.
> probably this deserves an RFC, perhaps one that also clarified other aspects of NOTIFY.
More information about the dns-operations