DNS Amplification Attacks
Joseph S D Yao
jsdy at center.osis.gov
Fri Mar 24 20:45:53 UTC 2006
On Thu, Mar 23, 2006 at 09:35:34AM +0000, Michael.Dillon at btradianz.com wrote:
> > > DNS looking glasses, in much the same way that we use web-form based
> > > BGP or traceroute looking glasses today.
> >
> > Open resolvers are far better then looking glasses to assess the state
> > of DNS, and we are campaigning against them. You can't have it both
> > ways. 8-(
>
> What is the definition of "DNS Looking Glass"?
> If it is a PERL CGI script then I would agree with you.
> If it is a DNS proxy that applies rate limiting
> and damping then I disagree with you.
I believe he's talking about things like the Looking Glass Web sites.
The one I wrote was a simple hardened shell script that called local
resources to do its thing.
--
Joe Yao
-----------------------------------------------------------------------
This message is not an official statement of OSIS Center policies.
More information about the NANOG
mailing list