Comments on: DNS dot DDoS Attack targetting the Internet

By: DK

DK — Tue, 20 Jan 2009 11:21:26 +0000

Unrelated to this post, but since I predicted DNS attacks against sites and blogs here is Dan Kaminsky’s tool to check if your DNS server is vulnerable to poison attacks:

http://www.doxpara.com/

By: MacGyveR

MacGyveR — Tue, 20 Jan 2009 11:21:18 +0000

Two name servers running the same config which only allow recursive queries from hosts in an ACL, produce different results from the SANS test script:

BIND 9.3.5-P1 gives a result
BIND 9.4.2-P1 no result

By: DK

DK — Tue, 20 Jan 2009 11:15:37 +0000

I friend of mine made an interesting point, is this a DDoS attack or are the attackers simply trying to slow down the nameserver responses to aid in other DNS attacks, see: http://it.slashdot.org/it/08/07/21/2212227.shtml