[110860] in North American Network Operators' Group
Re: DNS Amplification attack?
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Tue Jan 20 21:48:03 2009
In-Reply-To: <49768A07.7060105@visp.net>
Date: Tue, 20 Jan 2009 21:47:57 -0500
From: Christopher Morrow <morrowc.lists@gmail.com>
To: kgasso@visp.net
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Tue, Jan 20, 2009 at 9:35 PM, Kameron Gasso <kgasso-lists@visp.net> wrote:
> Fortunately, the spoofed queries are 60 bytes and my REFUSED responses
> are only 59, so it's a terribly inefficient way to DoS someone.
bind has a 'blackhole' capabilty... which doesn't seem to reply with
anything (from my quick testing)
-chris
