North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: what the heck do i do now?

  • From: Jon Lewis
  • Date: Thu Feb 01 16:13:45 2007

On Thu, 1 Feb 2007, Justin Shore wrote:

Jon Lewis wrote: 
2) maps.vix.com.    604800    IN    NS    u1.vix.com.
   maps.vix.com.    604800    IN    NS    u2.vix.com.
   maps.vix.com.    604800    IN    NS    u3.vix.com.
   ... [as many as you like]
   u1.vix.com.        604800    IN    A    192.0.2.1
   u2.vix.com.        604800    IN    A    192.0.2.2
   u3.vix.com.        604800    IN    A    192.0.2.3
   ... [as many as you like]

1) just tells them there is no NS, go away.

2) gives them someone unreachable to try, which they'll do, and do, and do, wasting lots of retransmitted queries and the time it takes them to timeout. If you're lucky, the timeouts might be noticed as increased load and mail slowdown on the servers sending these queries.

Or you could just point them at a spammer's DNS. That's what the query is all about anyhow. Just let the spammer give the appropriate response. Wouldn't that be fun? I wonder how beefy Linhardt's NSs are....

Yeah, that'd be barrels of fun when the spammer sues you for orchestrating a DDoS against them in the form of bogus DNS queries.

Next.

----------------------------------------------------------------------
 Jon Lewis                   |  I route
 Senior Network Engineer     |  therefore you are
 Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________