[94698] in North American Network Operators' Group
Re: what the heck do i do now?
daemon@ATHENA.MIT.EDU (Jon Lewis)
Thu Feb 1 16:08:40 2007
Date: Thu, 1 Feb 2007 15:51:47 -0500 (EST)
From: Jon Lewis <jlewis@lewis.org>
To: Justin Shore <justin@justinshore.com>
Cc: Paul Vixie <paul@vix.com>, nanog@merit.edu
In-Reply-To: <45C24FD1.7060205@justinshore.com>
Errors-To: owner-nanog@merit.edu
On Thu, 1 Feb 2007, Justin Shore wrote:
> Jon Lewis wrote:
>> 2) maps.vix.com. 604800 IN NS u1.vix.com.
>> maps.vix.com. 604800 IN NS u2.vix.com.
>> maps.vix.com. 604800 IN NS u3.vix.com.
>> ... [as many as you like]
>> u1.vix.com. 604800 IN A 192.0.2.1
>> u2.vix.com. 604800 IN A 192.0.2.2
>> u3.vix.com. 604800 IN A 192.0.2.3
>> ... [as many as you like]
>>
>> 1) just tells them there is no NS, go away.
>>
>> 2) gives them someone unreachable to try, which they'll do, and do, and do,
>> wasting lots of retransmitted queries and the time it takes them to
>> timeout. If you're lucky, the timeouts might be noticed as increased load
>> and mail slowdown on the servers sending these queries.
>
> Or you could just point them at a spammer's DNS. That's what the query is
> all about anyhow. Just let the spammer give the appropriate response.
> Wouldn't that be fun? I wonder how beefy Linhardt's NSs are....
Yeah, that'd be barrels of fun when the spammer sues you for orchestrating
a DDoS against them in the form of bogus DNS queries.
Next.
----------------------------------------------------------------------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
