nanog mailing list archives
RE: The impending DDoS storm
From: "McBurnett, Jim" <jmcburnett () msmgmt com>
Date: Wed, 13 Aug 2003 12:51:12 -0400
But doesn't that mean the hacker won? If you change the DNS and a user can not get to windowsupdate, you just helped him create a better DoS than he had... J -----Original Message----- From: Lloyd Taylor [mailto:ltaylor () keynote com] Sent: Wednesday, August 13, 2003 12:26 PM To: Jack Bates Cc: nanog () merit edu Subject: Re: The impending DDoS storm Does anyone have any notion of what the Blaster worm will do if the DNS lookup for "windowsupdate.com" returns NXDOMAIN? If it handles this case by not sending any micreant love, might that not be the best way to mitigate the potential damage? --Lloyd On Wed, 13 Aug 2003, Jack Bates wrote:
Date: Wed, 13 Aug 2003 11:10:13 -0500 From: Jack Bates <jbates () brightok net> To: Jason Frisvold <friz () corp ptd net> Cc: "Ingevaldson, Dan (ISS Atlanta)" <dsi () iss net>, Stephen J. Wilcox <steve () telecomplete co uk>, nanog () merit edu Subject: Re: The impending DDoS storm On Wed, 2003-08-13 at 10:55, Ingevaldson, Dan (ISS Atlanta) wrote:-Does one DNS lookup on "windowsupdate.com" and then uses the IPNo, I wouldn't dream of setting windowsupdate.com to 127.0.0.1. Who in their right mind would do that? -Jack
--
Current thread:
- Re: The impending DDoS storm, (continued)
- Re: The impending DDoS storm Randy Bush (Aug 13)
- RE: The impending DDoS storm Jason Frisvold (Aug 13)
- RE: The impending DDoS storm Jason Frisvold (Aug 13)
- Re: The impending DDoS storm Jack Bates (Aug 13)
- Re: The impending DDoS storm Lloyd Taylor (Aug 13)
- Re: The impending DDoS storm Jason Frisvold (Aug 13)
- Re: The impending DDoS storm Dan Hollis (Aug 13)
- Re: The impending DDoS storm Aaron Hopkins (Aug 13)
- Re: The impending DDoS storm Jeff Kell (Aug 14)
- Re: The impending DDoS storm Jack Bates (Aug 13)
- Re: The impending DDoS storm Jack Bates (Aug 13)
- Re: The impending DDoS storm Mark Vallar (Aug 13)
- RE: The impending DDoS storm Christopher Chin (Aug 14)
- RE: The impending DDoS storm Kevin Houle (Aug 14)
- Re: The impending DDoS storm Michael Painter (Aug 14)
- RE: The impending DDoS storm Darren Richer (Aug 14)