BugTraq
recursive DNS servers DDoS as a growing DDoS problem Feb 28 2006 11:05AM
Gadi Evron (ge linuxbox org) (2 replies)
Re: recursive DNS servers DDoS as a growing DDoS problem Mar 25 2006 09:40AM
MaddHatter maddhatt+bugtraq (at) cat.pdx (dot) edu [email concealed] (maddhatt+bugtraq cat pdx edu) (1 replies)
Re: recursive DNS servers DDoS as a growing DDoS problem Mar 25 2006 04:06PM
Gadi Evron (ge linuxbox org) (1 replies)
Re: recursive DNS servers DDoS as a growing DDoS problem Mar 26 2006 04:34PM
Geo. (geoincidents nls net) (3 replies)
Re: recursive DNS servers DDoS as a growing DDoS problem Mar 28 2006 12:43AM
Stephen Samuel (samuel bcgreen com) (1 replies)
Geo. wrote:
> What feature of DNS is being exploited, UDP or the fact that there are a lot
> of dns servers you can use?
>
I think that this is probably a better point than you think.
It's almost impossible to change the design of the DNS
protocol now but, going foreward, I think that we do
need to add to the best-practices list that any UDP based
protocol that has an ability to produce packet size
amplification, and that is likely to be available to the
public (i.e. not firewalled off just on principle) should
be modified so that, before large packets get sent
back to a client, that the service have some sort of 'hello'
type protocol that requires that the initiating machine
can prove that it's actually able to receive the packets
that it's causing to be produced. Even something as
simple as syn cookies would probably make amplification
difficult for most attackers.

To put it another way: UDP as a purely connectionless
protocol is fast becoming a liability in situations where
significant amplification is possible.

--
Stephen Samuel +1(778)861-7641 samnospam (at) bcgreen (dot) com [email concealed]
http://www.bcgreen.com/
Powerful committed communication. Transformation touching
the jewel within each person and bringing it to light.

[ reply ]
Re: recursive DNS servers DDoS as a growing DDoS problem Mar 31 2006 01:27AM
Paul Stepowski (p stepowski qut edu au)
Re: recursive DNS servers DDoS as a growing DDoS problem Mar 27 2006 11:42PM
gboyce (gboyce badbelly com)
Re: recursive DNS servers DDoS as a growing DDoS problem Mar 27 2006 11:27PM
mike davis (phar stonedcoder org) (1 replies)
Re: recursive DNS servers DDoS as a growing DDoS problem Mar 28 2006 03:09AM
Geo. (geoincidents nls net) (1 replies)
Re: recursive DNS servers DDoS as a growing DDoS problem Mar 30 2006 08:23PM
Gadi Evron (ge linuxbox org)
Re: recursive DNS servers DDoS as a growing DDoS problem Mar 07 2006 05:26PM
Ventsislav Genchev (vigour1 gmail com) (1 replies)
Re: recursive DNS servers DDoS as a growing DDoS problem Mar 14 2006 11:52AM
Robert Story (rstory-l 2006 revelstone com) (1 replies)
Re: recursive DNS servers DDoS as a growing DDoS problem Mar 18 2006 12:37AM
Michael Sierchio (kudzu tenebras com)


 

Privacy Statement
Copyright 2010, SecurityFocus