Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Verisign abusing .COM/.NET monopoly, BIND releases new

From: Michael Renzmann <security () dylanic de>
Date: Wed, 17 Sep 2003 13:18:35 +0200
Hi.

Rainer Gerhards wrote:

I think they have underestimated the number
of typos and as such under-powered the machine. A good indication is the
single IP (even though that eventually is a reverse proxy).


I agree.
As a side note: could it be possible to DoS name servers by querying tons of non-existant .net domains? As example, if several users of a DSL provider try to query random and thus most probably non-existing .net domains that now all deliver the afore mentioned IP as result, could it be possible to bring the DNS servers down? I guess not, because those servers should be able to throw away old queries in case a configured memory limit is reached. On the other hand this could cause additional traffic and slower responses for other customers as valid DNS entries have to be re-queried from the DNS-uplinks. Am I right with this? 

Bye, Mike

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: