nanog mailing list archives

Re: large organization nameservers sending icmp packets to dns servers.

From: Doug Barton <dougb () dougbarton us>
Date: Thu, 9 Aug 2007 15:53:12 -0700 (PDT)


On Wed, 8 Aug 2007, David Conrad wrote:

How many bytes of shell code can you stuff in a 512 byte DNS UDP packet?

How many bytes of shell code can you stuff into a 4096 byte EDNS0 UDPpacket? :)

P.S. I still think blocking TCP/53 is stupid.


Agreed.

--

        If you're never wrong, you're not trying hard enough

Current thread:

Re: Industry best practices (was Re: large organization nameservers, (continued)
- - - Re: Industry best practices (was Re: large organization nameservers Sean Donelan (Aug 11)
    - Re: large organization nameservers sending icmp packets to dns servers. Valdis . Kletnieks (Aug 07)
    - Re: large organization nameservers sending icmp packets to dns servers. Patrick W. Gilmore (Aug 07)
    - Re: large organization nameservers sending icmp packets to dns servers. Donald Stahl (Aug 07)
    - Re: large organization nameservers sending icmp packets to dns servers. Steve Gibbard (Aug 07)
    - Re: large organization nameservers sending icmp packets to dns servers. Andrew Sullivan (Aug 07)
    - RE: large organization nameservers sending icmp packets to dns servers. Jamie Bowden (Aug 08)
    - Re: large organization nameservers sending icmp packets to dns servers. Adrian Chadd (Aug 08)
    - Re: large organization nameservers sending icmp packets to dns servers. Joe Abley (Aug 08)
    - Re: large organization nameservers sending icmp packets to dns servers. David Conrad (Aug 08)
    - Re: large organization nameservers sending icmp packets to dns servers. Doug Barton (Aug 09)
    - Re: large organization nameservers sending icmp packets to dns servers. Matthew Black (Aug 10)
    - Re: large organization nameservers sending icmp packets to dns servers. Chris L. Morrow (Aug 07)
    - RE: large organization nameservers sending icmp packets to dns servers. David Schwartz (Aug 07)
    - Re: large organization nameservers sending icmp packets to dns servers. Valdis . Kletnieks (Aug 07)
    - Re: large organization nameservers sending icmp packets to dns servers. Tony Finch (Aug 08)
    - RE: large organization nameservers sending icmp packets to dns servers. william(at)elan.net (Aug 08)
    - Re: large organization nameservers sending icmp packets to dns servers. Patrick W. Gilmore (Aug 08)
    - Re: large organization nameservers sending icmp packets to dns servers. Stephane Bortzmeyer (Aug 09)
    - Re: large organization nameservers sending icmp packets to dns servers. Chris L. Morrow (Aug 10)
    - Re: large organization nameservers sending icmp packets to dns servers. Duane Wessels (Aug 06)

(Thread continues...)