Full Disclosure mailing list archives
Re: DDos counter measures
From: Gael Martinez <gael () magicnet org>
Date: Thu, 14 Aug 2003 20:12:37 -0500
Try some other tests using no A record for windowsupdate.com in your local zone, you will notice that the damages are even smaller doing that instead of localhost (127.0.0.1). Gael On Thu, Aug 14, 2003 at 08:04:54PM +0200, Laurent LEVIER wrote:
All, Since our IntraNet solves all its DNS queries through internal caches (mandatory bottleneck), we created windowsupdate.com & windowsupdate.microsoft.com zones in this bottleneck DNS. These are resolving to 127.0.0.1 with DNS wildcards.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Windows Dcom Worm planned DDoS, (continued)
- Re: Windows Dcom Worm planned DDoS Nick FitzGerald (Aug 12)
- RE: Windows Dcom Worm planned DDoS Wcc (Aug 12)
- Windows Dcom Worm Killer w g (Aug 13)
- Re: Windows Dcom Worm Killer Joey (Aug 13)
- Re: Windows Dcom Worm Killer Nick FitzGerald (Aug 13)
- Re: Windows Dcom Worm Killer and source code w g (Aug 13)
- Windows Dcom Worm Killer w g (Aug 13)
- RE: Windows Dcom Worm planned DDoS VBuster (Aug 12)
- RE: Windows Dcom Worm planned DDoS Chris Eagle (Aug 14)
- DDos counter measures Laurent LEVIER (Aug 14)
- Re: DDos counter measures Nick FitzGerald (Aug 14)
- Re: DDos counter measures Gael Martinez (Aug 14)
- Re: DDos counter measures Charles Ballowe (Aug 15)
- Re: DDos counter measures B3r3n (Aug 15)
- Re: DDos counter measures Vladimir Parkhaev (Aug 14)
- Re: DDos counter measures Matthew Lange (Aug 15)
- RE: Windows Dcom Worm planned DDoS Chris Eagle (Aug 14)
- Re: DDos counter measures B3r3n (Aug 15)