On Thu, Oct 24, 2013 at 09:11:41AM +0300, Daniel Kalchev <dan...@digsys.bg> wrote a message of 247 lines which said:
> This is not an attack on DNS, but an attack on IP reassembly > technology. Frankly, I do not share this way of seeing things. Since the DNS is, by far, the biggest user of UDP and since TCP is already protected by PMTUD, I do not think we can say it's not our problem. > This might happen even due to malfunctioning network adapter or > other network device, not necessarily an "attack". A random modification by a malfunctioning device or an errant cosmic ray has a very small probability of being accepted (UDP checksum, DNS checks, etc). We are talking here about a deliberate attack, by a blind attacker. _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs