[colug-432] DNS Amplification Attack

R P Herrold herrold at owlriver.com
Wed Apr 3 12:24:53 EDT 2013


On Wed, 3 Apr 2013, Rob Funk wrote:

> Aren't DNS amplification attacks possible as long as 
> well-known open DNS servers exist, such as those maintained 
> by Google (8.8.[48].[48]) and Level3 (4.2.2.[1-6]), or even 
> OpenDNS? Or do they somehow prevent the problem while still 
> remaining open?

I assume, but do not have direct knowledge, that they watch 
rate of query for various forms of abuse they have observed, 
and quench it when 'excessive'

-- Russ herrold



More information about the colug-432 mailing list