[LINK] Open recursive nameservers used for DoS attacks

Barrie Hall barrie at mypond.net
Fri May 15 15:31:16 EST 2009



Short version:  I had configured my nameserver to accept queries from
                any host on the Net, for domains other than my own.
                This meant it could be used as a DDoS amplifier.

Robin,

The problem with this solution is that Bind 9 still returns your "hints" 
file with this query. I have ended up black holing the spoofed address.  (I 
don't have a solution for BIND9).

Cheers,
Barrie
I 



More information about the Link mailing list