nanog mailing list archives

Re: DNS Amplification attack?

From: Christopher Morrow <morrowc.lists () gmail com>
Date: Tue, 20 Jan 2009 21:47:57 -0500

On Tue, Jan 20, 2009 at 9:35 PM, Kameron Gasso <kgasso-lists () visp net> wrote:

Fortunately, the spoofed queries are 60 bytes and my REFUSED responses
are only 59, so it's a terribly inefficient way to DoS someone.


bind has a 'blackhole' capabilty... which doesn't seem to reply with
anything (from my quick testing)

-chris

Current thread:

DNS Amplification attack? Wil Schultz (Jan 20)
- Re: DNS Amplification attack? Raoul Bhatia [IPAX] (Jan 20)
- Re: DNS Amplification attack? David W. Hankins (Jan 20)
  - Re: DNS Amplification attack? Mark Andrews (Jan 20)
  - Re: DNS Amplification attack? David Coulthart (Jan 21)
- Re: DNS Amplification attack? Kameron Gasso (Jan 20)
  - Re: DNS Amplification attack? Christopher Morrow (Jan 20)
    - Re: DNS Amplification attack? Kameron Gasso (Jan 20)
    - Re: DNS Amplification attack? Christopher Morrow (Jan 20)
    - Re: DNS Amplification attack? Chris Adams (Jan 20)
    - Re: DNS Amplification attack? Stuart Henderson (Jan 21)
- <Possible follow-ups>
- Re: DNS Amplification attack? jay (Jan 20)
  - Re: DNS Amplification attack? Chris Adams (Jan 20)
    - Re: DNS Amplification attack? jay (Jan 20)
  - Re: DNS Amplification attack? Mark Andrews (Jan 20)
    - Re: DNS Amplification attack? Crist Clark (Jan 21)
    - Re: DNS Amplification attack? Chris Adams (Jan 21)
    - Re: DNS Amplification attack? Mark Andrews (Jan 21)
    - Re: DNS Amplification attack? Paul Vixie (Jan 21)

(Thread continues...)