nanog mailing list archives
Re: DNS noise
From: Jimmy Hess <mysidia () gmail com>
Date: Fri, 6 Apr 2012 13:08:31 -0500
On Fri, Apr 6, 2012 at 12:52 PM, PC <paul4004 () gmail com> wrote:
Of course you'd have to actually be running a poorly configured DNS server on that IP for this to work...
Right.... was that IP ever running a DNS service? Picking random IPs to spoof and hope some of the random IPs happen to be DNS servers doesn't sound like a very "efficient" attack. It seems like the attacker would want to 'probe first' before selecting innocent servers to reflect at Perhaps 2 or 3% of the possible random IPs on the internet actually run DNS servers that could possibly respond to spoofed queries? -- -JH
Current thread:
- DNS noise Nathan Eisenberg (Apr 06)
- Re: DNS noise Keegan Holley (Apr 06)
- Re: DNS noise Michael Sinatra (Apr 06)
- Re: DNS noise PC (Apr 06)
- Re: DNS noise Jimmy Hess (Apr 06)
- Re: DNS noise Nick Hilliard (Apr 06)
- Re: DNS noise Jimmy Hess (Apr 06)
- Re: DNS noise David Conrad (Apr 06)
- Re: DNS noise Jimmy Hess (Apr 06)
- Re: DNS noise David Conrad (Apr 06)
- Re: DNS noise Jared Mauch (Apr 06)
- Re: DNS noise Jimmy Hess (Apr 06)
- Re: DNS noise Keegan Holley (Apr 06)
- <Possible follow-ups>
- Re: DNS noise Joe St Sauver (Apr 06)