Home page logo

nanog logo nanog mailing list archives

Re: DNS Amplification attack?
From: Chris Adams <cmadams () hiwaay net>
Date: Tue, 20 Jan 2009 21:07:30 -0600

Once upon a time, Kameron Gasso <kgasso-lists () visp net> said:
Fortunately, the spoofed queries are 60 bytes and my REFUSED responses
are only 59, so it's a terribly inefficient way to DoS someone.
However, I never said that the DDoS kiddies were smart - doesn't seem to
be stopping them from trying. :(

Well, it still makes a DDoS, since they can (theoretically) have a bunch
of sources spoofing the IPs, and the packets to the targets have
legitimate source addresses (so they can't easily be blocked by the

Chris Adams <cmadams () hiwaay net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]