[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Open Resolver Problems

On Mar 26, 2013, at 7:07 PM, Patrick W. Gilmore wrote:

> To be more clear, the point of DNS reflection attacks is to amplify the amount of bandwidth the botnet can muster (and perhaps hide the true source).

Yes, hence the 'amplification' part.


More than hiding the actual sources, I think it's more about making it difficult (at first blush) for folks to seine out and filter the attack traffic from the normal 'background radiation' of legitimate traffic.

> And far too many other things. :(

Good point - game servers, etc.

Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton