[87942] in North American Network Operators' Group
Re: DOS attack against DNS?
daemon@ATHENA.MIT.EDU (bmanning@vacation.karoshi.com)
Sun Jan 15 17:25:11 2006
Date: Sun, 15 Jan 2006 22:24:38 +0000
From: bmanning@vacation.karoshi.com
To: Paul Vixie <vixie@vix.com>
Cc: nanog@merit.edu
In-Reply-To: <g38xthmmer.fsf@sa.vix.com>
Errors-To: owner-nanog@merit.edu
On Sun, Jan 15, 2006 at 05:27:40PM +0000, Paul Vixie wrote:
>
> > client xx.xx.xx.xx#6704: query: z.tn.co.za ANY ANY +E
>
> class "ANY" has no purpose in the real world, not even for debugging. if
> you see it in a query, you can assume malicious intent. if you hear it in
> a query, you can safely ignore that query, or at best, map it to class "IN".
> --
> Paul Vixie
er... i guess that is true, although the DNS does work for
things other than IP based networks... dispite our respective
best efforts to cripple it.
--bill
