[63721] in North American Network Operators' Group
Re: Sitefinder and DDoS
daemon@ATHENA.MIT.EDU (Howard C. Berkowitz)
Thu Oct 9 16:07:15 2003
In-Reply-To: <00dd01c38e9d$80000340$66160b0a@dellcpx>
Date: Thu, 9 Oct 2003 15:55:08 -0400
To: "Adam Selene" <nospam@vguild.com>, nanog@merit.org
From: "Howard C. Berkowitz" <hcb@gettcomm.com>
Errors-To: owner-nanog-outgoing@merit.edu
> > Let's also assume someone sets up a popular webpage with malware
>> HTML causing it, perhaps with a time delay, to issue rapid GETs to
>> deliberately nonexistent domains.
>
>You don't even have to imagine that.
>
>Imagine a long-term port 80 Denial of Service (DoS) attack against a
>given website (using the website url rather than IP, which is not
>uncommon).
>
>Imagine the attacked domain administrator removes their DNS records
>from the registry to alleviate the attack.
>
>The attack is now directed at the Verisign Sitefinder service.
>
> Adam
OUCH. Yet worse.
