Penetration Testing mailing list archives

Re: bind9 crash

From: Jon Kibler <Jon.Kibler () aset com>
Date: Fri, 11 Jul 2008 09:47:03 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ron Gutierrez wrote:

I'm working on a project that requires me to find some ways to cause
mayhem to a network.
I'm trying to knock down a bind9 server and so far have been
unsuccessful.

<SNIP>

Flood it queries that forces it to go to multiple other servers to
retrieve very large (4K+) TXT records (with TTL < 10). That is how most
of the DDoS attacks against the root servers work.

Jon Kibler
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkh3ZFcACgkQUVxQRc85QlNffwCeNequ14EfKVef5xO41tuKZPXT
86UAn1CA5/HK37SCT4g/5TYbjJMI5T2X
=7/KE
-----END PGP SIGNATURE-----




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in 
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------

Current thread:

bind9 crash Ron Gutierrez (Jul 10)
- RE: bind9 crash Trent Williams (Jul 10)
- Re: bind9 crash Patrick Webster (Jul 10)
  - Re: bind9 crash Secure Scorp (Jul 10)
    - Re: bind9 crash Tonnerre Lombard (Jul 11)
- Re: bind9 crash Jon Kibler (Jul 11)
- RE: bind9 crash Maxime Ducharme (Jul 11)
- Re: bind9 crash pinowudi (Jul 12)
- Re: bind9 crash White Hat (Jul 12)