North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: DDos syn attack
> This is also a very viable solution, provided the customer has > provisioned for this with lower ttls on their DNS records, which > ALOT of people (thankfully) don't do actually, a bunch of research now shows that low ttls on A RRs (that are not the A RRs of NS RRs) has little effect. in the case a dns lookup is being done in a ddos, of course one would prefer if the attacking zombies cached the lookup <grin>. randy
|