really nasty attacks

• Previous message (by thread): guys != gender neutral
• Next message (by thread): really nasty attacks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Sep 27, 2012 at 12:12:50PM -0400,
 Patrick W. Gilmore <patrick at ianai.net> wrote 
 a message of 32 lines which said:

> I do not know of any name servers that reply to queries with UDP
> packets filled with only the letter X.  The DNS Headers alone
> require more than the letter "X".

Yes, you're right but I'm not sure we should take the original report
too litterally. May be he meant there were a lot of X in the packets
(and he missed the headers), which is consistent with DNS "large TXT"
attacks such as the one described in
<http://technet.microsoft.com/en-us/security/hh972393.aspx> (where the
attacker filled with consecutive numbers, not X).

Anyway, without the actual pcap file, it is only speculation.

• Previous message (by thread): guys != gender neutral
• Next message (by thread): really nasty attacks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]