Bugtraq: Re: recursive DNS servers DDoS as a growing DDoS problem

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: recursive DNS servers DDoS as a growing DDoS problem

From: Michael Sierchio <kudzu () tenebras com>
Date: Fri, 17 Mar 2006 16:37:10 -0800

Robert Story wrote:

VG> In the scenario you describe, I cannot see any actual amplification...

The amplification isn't in the number of hosts responding, but in packet size.
A very small DNS request packet results in a huge response packet.


Are you talking about rogue authoritative servers?  Otherwise, responses
will be limited to 512 bytes, possibly with the truncation bit set.

By Date By Thread

Current thread:

Re: recursive DNS servers DDoS as a growing DDoS problem v9 (Mar 01)
- Message not available
  - Re: recursive DNS servers DDoS as a growing DDoS problem v9 (Mar 02)
- <Possible follow-ups>
- Re: recursive DNS servers DDoS as a growing DDoS problem Gadi Evron (Mar 02)
- Re: recursive DNS servers DDoS as a growing DDoS problem Ventsislav Genchev (Mar 10)
  - Re: recursive DNS servers DDoS as a growing DDoS problem Robert Story (Mar 17)
    - Re: recursive DNS servers DDoS as a growing DDoS problem Michael Sierchio (Mar 20)
- Re: recursive DNS servers DDoS as a growing DDoS problem Chris Thompson (Mar 23)
  - Re: recursive DNS servers DDoS as a growing DDoS problem Anton Ivanov (Mar 27)
- Re: recursive DNS servers DDoS as a growing DDoS problem MaddHatter (Mar 25)
  - Re: recursive DNS servers DDoS as a growing DDoS problem Gadi Evron (Mar 25)
    - Re: recursive DNS servers DDoS as a growing DDoS problem Geo. (Mar 27)