* Jim Reid wrote: > In this case, DDoS attackers would get those truncated responses sent > to their victims. OK, they lose the amplification factor but they still > get to flood the victim(s) with unsolicited traffic.
That does already happen in the wild. I was part of such an "TC=1" attack and got sued over the remaining(!) 2Mbps. That's why I went further and stop query processing at all for this victim: DNS Dampening. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
