[LINK] Open recursive nameservers used for DoS attacks
barrie at mypond.net
Fri May 15 15:31:16 EST 2009
Short version: I had configured my nameserver to accept queries from
any host on the Net, for domains other than my own.
This meant it could be used as a DDoS amplifier.
The problem with this solution is that Bind 9 still returns your "hints"
file with this query. I have ended up black holing the spoofed address. (I
don't have a solution for BIND9).
More information about the Link