Full Disclosure mailing list archives
new dos attack?
From: "Geo." <geoincidents () getinfo org>
Date: Thu, 4 Dec 2003 09:22:06 -0500
Suppose... some spammer registers domains called spammer1.com thru spammer999.com and points them at some small ISP's name servers ns.punynameserver.com and ns1.punynameserver.com unknown to the isp so there is no dns setup for these domains. the spammer then starts doing massive spams where the return address is something () spammerXXX com this results in millions of dns queries to ns.punynameserver.com and ns1.punynameserver.com which then check with the root servers who point to them as authoritave so they query themselves for the domains generating error message after error message. Now assuming you are the ISP, is there any way to get all those domains pointed to somewhere else without having to define them all on your name servers? Can't you fax the registrar or something to park them or is this pretty much a really difficult type of attack to fight off? Geo. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Partial Solution to SUID Problems Todd Burroughs (Dec 04)
- Re: Partial Solution to SUID Problems Gino Thomas (Dec 04)
- new dos attack? Geo. (Dec 04)
- Re: new dos attack? Jonathan A. Zdziarski (Dec 04)
- Re: Partial Solution to SUID Problems Ciro (Dec 05)
- Re: Partial Solution to SUID Problems Vladimir Parkhaev (Dec 05)
- Re: Partial Solution to SUID Problems Todd Burroughs (Dec 06)
- Re: Partial Solution to SUID Problems Henning Brauer (Dec 06)
- Re: Partial Solution to SUID Problems Todd Burroughs (Dec 06)
- Re: Partial Solution to SUID Problems Michal Zalewski (Dec 06)
- Re: Partial Solution to SUID Problems Valdis . Kletnieks (Dec 06)
- Re: Partial Solution to SUID Problems Todd Burroughs (Dec 07)
- Re: Partial Solution to SUID Problems Karl DeBisschop (Dec 07)
- new dos attack? Geo. (Dec 04)
- Re: Partial Solution to SUID Problems Gino Thomas (Dec 04)