DDos syn attack
Christopher L. Morrow
chris at UU.NET
Mon Dec 30 19:42:07 UTC 2002
On Mon, 30 Dec 2002, Chris Wedgwood wrote:
> On Mon, Dec 30, 2002 at 08:09:17AM -0800, Randy Bush wrote:
> > actually, a bunch of research now shows that low ttls on A RRs (that
> > are not the A RRs of NS RRs) has little effect.
> maybe this could help find the attacking nwtwork? assuming people are
> using local DNS servers?
> under attack you could sporadically 'lie' about the result... and log
> to whom you lied to... all the time looking for changes in the DDoS
> a fair amount work perhaps...
wow, break bind in a new and horrid way to accomplish this task :) Nice...
perhaps mr. vixie will add this functionality for us?
More information about the NANOG