[169211] in North American Network Operators' Group
Re: random dns queries with random sources
daemon@ATHENA.MIT.EDU (Dobbins, Roland)
Tue Feb 18 22:48:12 2014
From: "Dobbins, Roland" <rdobbins@arbor.net>
To: North American Networking and Offtopic Gripes List <nanog@nanog.org>
Date: Wed, 19 Feb 2014 03:46:39 +0000
In-Reply-To: <530425B3.3070008@ttec.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Feb 19, 2014, at 10:32 AM, Joe Maimon <jmaimon@ttec.com> wrote:
> How is this any more effective then sending it direct?
If they're attacking the authoritative DNS servers for 5kkx.com, just refle=
cting gives them indirection and presumably makes traceback harder for 5kkx=
.com (at least, in the minds of the attackers).
Or maybe they're trying to game 5kkx.com into blocking requests from the re=
cursive servers in question, for some reason.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
Luck is the residue of opportunity and design.
-- John Milton
