nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: DNS Amplification Attacks

From: Joseph S D Yao <jsdy () center osis gov>
Date: Fri, 24 Mar 2006 15:45:53 -0500

On Thu, Mar 23, 2006 at 09:35:34AM +0000, Michael.Dillon () btradianz com wrote:

DNS looking glasses, in much the same way that we use web-form based
BGP or traceroute looking glasses today.


Open resolvers are far better then looking glasses to assess the state
of DNS, and we are campaigning against them.  You can't have it both
ways. 8-(


What is the definition of "DNS Looking Glass"?
If it is a PERL CGI script then I would agree with you.
If it is a DNS proxy that applies rate limiting
and damping then I disagree with you. 


I believe he's talking about things like the Looking Glass Web sites.
The one I wrote was a simple hardened shell script that called local
resources to do its thing.


-- 
Joe Yao
-----------------------------------------------------------------------
   This message is not an official statement of OSIS Center policies.
Previous By Date Next
Previous By Thread Next

Current thread: