[87932] in North American Network Operators' Group
DOS attack against DNS?
daemon@ATHENA.MIT.EDU (Roy)
Sun Jan 15 01:45:52 2006
Date: Sat, 14 Jan 2006 22:45:06 -0800
From: Roy <garlic@garlic.com>
To: nanog <nanog@merit.edu>
Errors-To: owner-nanog@merit.edu
I just started seeing thousands of DNS queries that look like some sort
of DOS attack. One log entry is below with the IP obscured.
client xx.xx.xx.xx#6704: query: z.tn.co.za ANY ANY +E
When you look at z.tn.co.za you see a huge TXT record.
Is anyone else seeing this attack or am I the lucky one? Is this a
known attack?
Roy
