Open Resolver Problems

Dobbins, Roland rdobbins at arbor.net
Tue Mar 26 12:01:32 UTC 2013


On Mar 26, 2013, at 6:50 PM, Jamie Bowden wrote:

> let's suppose I just happen to have, or have access to, a botnet comprised of (tens of) millions of random hosts all over the internet, and I feel like destroying your DNS servers via DDoS;

DNS reflection/amplification attacks aren't intended as attacks against the DNS, per se; they're intended to crush any/all targeted servers and/or fill transit pipes.

Same for SNMP and ntp reflection attacks.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton





More information about the NANOG mailing list