nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: New Denial of Service Attack on Panix

From: Matt Ranney <mjr () wacky eit com>
Date: Mon, 16 Sep 1996 19:01:24 -0700 (PDT)
Paul A Vixie writes...



[...]

I don't think you can, there's no pattern.  You could rotate your server
address using a very short DNS TTL, though the attacker can follow the
changes using DNS so this isn't all that useful even if it would be fun.


But if the attacker also followed the changes, then he'd have to be
constantly querying a name server that presumably is somewhat easier
to monitor than some router at some other provider.  Although, I guess
a smart attacker would compile a list of thousands of servers that he
could randomly select from that would happily forward the request for
him, so we're back to pretty much the same old random random source
problem.

It almost seems like it could be a good idea.
-- 
Matt Ranney - mjr () eit com

This is how I sign all my messages.
- - - - - - - - - - - - - - - - -
Previous By Date Next
Previous By Thread Next

Current thread: