Re: large organization nameservers sending icmp packets to dns servers.

North American Network Operators Group

On Wed, 8 Aug 2007, David Conrad wrote:

How many bytes of shell code can you stuff in a 512 byte DNS UDP packet?

How many bytes of shell code can you stuff into a 4096 byte EDNS0 UDP packet? :)

P.S. I still think blocking TCP/53 is stupid.

Agreed.

--

If you're never wrong, you're not trying hard enough

Follow-Ups:
- Re: large organization nameservers sending icmp packets to dns servers. Matthew Black

References:
- Re: large organization nameservers sending icmp packets to dns servers. John Levine
- Re: large organization nameservers sending icmp packets to dns servers. Valdis . Kletnieks
- RE: large organization nameservers sending icmp packets to dns servers. Jason J. W. Williams
- RE: large organization nameservers sending icmp packets to dns servers. Donald Stahl
- Re: large organization nameservers sending icmp packets to dns servers. Patrick W. Gilmore
- Re: large organization nameservers sending icmp packets to dns servers. Valdis . Kletnieks
- Re: large organization nameservers sending icmp packets to dns servers. Patrick W. Gilmore
- Re: large organization nameservers sending icmp packets to dns servers. Donald Stahl
- Re: large organization nameservers sending icmp packets to dns servers. Steve Gibbard
- RE: large organization nameservers sending icmp packets to dns servers. Jamie Bowden
- Re: large organization nameservers sending icmp packets to dns servers. David Conrad