North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: DDos syn attack
On Mon, 30 Dec 2002, Chris Wedgwood wrote: > > On Mon, Dec 30, 2002 at 08:09:17AM -0800, Randy Bush wrote: > > > actually, a bunch of research now shows that low ttls on A RRs (that > > are not the A RRs of NS RRs) has little effect. > > maybe this could help find the attacking nwtwork? assuming people are > using local DNS servers? > > under attack you could sporadically 'lie' about the result... and log > to whom you lied to... all the time looking for changes in the DDoS > target > > a fair amount work perhaps... wow, break bind in a new and horrid way to accomplish this task :) Nice... perhaps mr. vixie will add this functionality for us?