[41448] in bugtraq
Re: DNS query spam
daemon@ATHENA.MIT.EDU (Piotr Kamisiski)
Thu Dec 1 16:33:25 2005
From: "Piotr Kamisiski" <rotunda@ktd.krakow.pl>
Date: Thu, 1 Dec 2005 21:00:02 +0100 (CET)
To: fugi@bl.org
Cc: bugtraq@securityfocus.com
In-Reply-To: <20051129220045.22644.qmail@securityfocus.com>
Message-ID: <Pine.LNX.4.63.0512012057220.24322@raq.ktd.krakow.pl>
MIME-Version: 1.0
Content-Type: MULTIPART/MIXED; BOUNDARY="827350393-1507159068-1133467202=:24322"
This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
--827350393-1507159068-1133467202=:24322
Content-Type: TEXT/PLAIN; charset=iso-8859-2; format=flowed
Content-Transfer-Encoding: QUOTED-PRINTABLE
Ok, nice that this has been clarified. I'm still wondering why this kind=20
of attack reached me just recently, considering the method has been known=
=20
for a long time.
On Tue, 29 Nov 2005, fugi@bl.org wrote:
> DNS traffic is UDP, source is spoofed, you setup a large record and reque=
st it from the victim's IP to a list of nameservers.
>
> http://packetstormsecurity.org/DoS/ihateperl.pl
>
> nothing new
>
Best regards,
Piotr Kamisi=F1ski
--827350393-1507159068-1133467202=:24322--
