[LINK] Open recursive nameservers used for DoS attacks

[Barrie Hall]

Short version:  I had configured my nameserver to accept queries from
                any host on the Net, for domains other than my own.
                This meant it could be used as a DDoS amplifier.

Robin,

The problem with this solution is that Bind 9 still returns your "hints" 
file with this query. I have ended up black holing the spoofed address.  (I 
don't have a solution for BIND9).

Cheers,
Barrie
I