DNS traffic is UDP, source is spoofed, you setup a large record and request it from the victim's IP to a list of nameservers. http://packetstormsecurity.org/DoS/ihateperl.pl nothing new