| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 25 Mar 2006 18:06:58 +0200 From: Gadi Evron <ge@...uxbox.org> To: MaddHatter <maddhatt+bugtraq@....pdx.edu> Cc: bugtraq@...urityfocus.com Subject: Re: recursive DNS servers DDoS as a growing DDoS problem MaddHatter wrote: >>We discussed recursive DNS servers before (servers which allow to query >>anything - including what they are not authoritative for, through them). >>... >>One of the problems is obviously the spoofing. ... > > > Maybe I'm misunderstanding the problem here (but I don't think so). It > seems to be the issue is not DNS -- recursive or not, but rather a failure > to adhere to BCP 38. > http://rfc.net/bcp38.html > > One may get easier/larger amplification from a recursive DNS server, > but the same problem exists for a non-recursive server. DNS, then, isn't > really where the problem needs to be fixed. You are right, to a degree. Spoofing is indeed the attack vector and it can also be utilized for NTP, ICMP, etc. It is to blame. Still, DNS is what's being exploited and in my opinion a broken feature being exploited needs fixing, or it will be exploited.
Powered by blists - more mailing lists