Robert Story wrote:
VG> In the scenario you describe, I cannot see any actual amplification... The amplification isn't in the number of hosts responding, but in packet size. A very small DNS request packet results in a huge response packet.
Are you talking about rogue authoritative servers? Otherwise, responses will be limited to 512 bytes, possibly with the truncation bit set.