lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3F68430B.2050809@dylanic.de>
From: security at dylanic.de (Michael Renzmann)
Subject: Verisign abusing .COM/.NET monopoly, BIND releases
 new

Hi.

Rainer Gerhards wrote:
> I think they have underestimated the number
> of typos and as such under-powered the machine. A good indication is the
> single IP (even though that eventually is a reverse proxy).

I agree.

As a side note: could it be possible to DoS name servers by querying 
tons of non-existant .net domains? As example, if several users of a DSL 
provider try to query random and thus most probably non-existing .net 
domains that now all deliver the afore mentioned IP as result, could it 
be possible to bring the DNS servers down? I guess not, because those 
servers should be able to throw away old queries in case a configured 
memory limit is reached. On the other hand this could cause additional 
traffic and slower responses for other customers as valid DNS entries 
have to be re-queried from the DNS-uplinks. Am I right with this?

Bye, Mike

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ