<<< Date Index >>>     <<< Thread Index >>>

Re: recursive DNS servers DDoS as a growing DDoS problem



Robert Story wrote:

VG> In the scenario you describe, I cannot see any actual amplification...

The amplification isn't in the number of hosts responding, but in packet size.
A very small DNS request packet results in a huge response packet.

Are you talking about rogue authoritative servers?  Otherwise, responses
will be limited to 512 bytes, possibly with the truncation bit set.