DNS Amplification attack?

Chris Adams cmadams at hiwaay.net
Wed Jan 21 03:07:30 UTC 2009


Once upon a time, Kameron Gasso <kgasso-lists at visp.net> said:
> Fortunately, the spoofed queries are 60 bytes and my REFUSED responses
> are only 59, so it's a terribly inefficient way to DoS someone.
> However, I never said that the DDoS kiddies were smart - doesn't seem to
> be stopping them from trying. :(

Well, it still makes a DDoS, since they can (theoretically) have a bunch
of sources spoofing the IPs, and the packets to the targets have
legitimate source addresses (so they can't easily be blocked by the
target).

-- 
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.



