nanog mailing list archives
Re: DOS attack against DNS?
From: "william(at)elan.net" <william () elan net>
Date: Mon, 16 Jan 2006 21:20:15 -0800 (PST)
Did you notice that it was class "ANY" and not type "ANY" that Paul noted? I've never ever heard of it being used anywhere....As for ANY query type, what do you think will happen when you query with "ANY" to a host in a domain that is not in your local dns server cache?
And btw if it is in your dns cache, how predictable do you think such results are going to be??? On Tue, 17 Jan 2006, Alon Tirosh wrote:
Not true,. the ANY query has mutliple uses for consolidating multiple diagnostic queries into a single display, and also for diversion monitoring systems on small domains or groups of same. Not all of us have the resources (or time) of large ISPs behind us. On 15 Jan 2006 17:27:40 +0000, Paul Vixie <vixie () vix com> wrote:client xx.xx.xx.xx#6704: query: z.tn.co.za ANY ANY +Eclass "ANY" has no purpose in the real world, not even for debugging. if you see it in a query, you can assume malicious intent. if you hear it in a query, you can safely ignore that query, or at best, map it to class "IN". -- Paul Vixie
Current thread:
- Re: DOS attack against DNS?, (continued)
- Re: DOS attack against DNS? Paul Vixie (Jan 16)
- Re: DOS attack against DNS? Joel Jaeggli (Jan 16)
- Re: DOS attack against DNS? Paul Vixie (Jan 16)
- Re: DOS attack against DNS? Daniel Senie (Jan 16)
- Re: DOS attack against DNS? Mark Andrews (Jan 16)
- Re: DOS attack against DNS? bmanning (Jan 15)
- Re: DOS attack against DNS? Paul Vixie (Jan 15)
- Re: DOS attack against DNS? Mark Andrews (Jan 15)
- Re: DOS attack against DNS? william(at)elan.net (Jan 16)
- Re: DOS attack against DNS? Alon Tirosh (Jan 16)
- Re: DOS attack against DNS? Joe Shen (Jan 17)
- Re: DOS attack against DNS? Paul Vixie (Jan 17)