Bugtraq: Re: recursive DNS servers DDoS as a growing DDoS problem

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: recursive DNS servers DDoS as a growing DDoS problem

From: Paul Stepowski <p.stepowski () qut edu au>
Date: Fri, 31 Mar 2006 11:27:17 +1000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Stephen Samuel wrote:
| To put it another way: UDP as a purely connectionless
| protocol is fast becoming a liability in situations where
| significant amplification is possible.

My thoughts exactly.  This attack is possible because of a design limitation of
UDP (and other connectionless protocols).  I realise that DNS is receiving
attention because of it's ubiquity on the Internet, but this type of attack can
leverage any service that responds with a reply packet larger than the initial
query packet where the protocol used is connectionless.  TCP/IP is showing it's
age (again).

Thanks,

Paul
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFELIV14qOLghPAuV0RAvrVAKCZBb85yHnwB3+RAOyqvDocbUQYPwCgzSpV
1nnSrOO74gRDzoZSnNxd2jI=
=Rl7W
-----END PGP SIGNATURE-----

By Date By Thread

Current thread:

Re: recursive DNS servers DDoS as a growing DDoS problem, (continued)
- Re: recursive DNS servers DDoS as a growing DDoS problem Paul Stepowski (Apr 01)
- RE: recursive DNS servers DDoS as a growing DDoS problem Måns Nilsson (Apr 04)
- RE: recursive DNS servers DDoS as a growing DDoS problem Thomas Guyot-Sionnest (Apr 04)
  - RE: recursive DNS servers DDoS as a growing DDoS problem Geo. (Apr 04)
    - Re: recursive DNS servers DDoS as a growing DDoS problem Gadi Evron (Apr 09)
    - Re: recursive DNS servers DDoS as a growing DDoS problem Geo. (Apr 09)