--- Begin Message ---
On Mon, Feb 24, 2025 at 12:40 PM Stephane Bortzmeyer <[email protected]>
wrote:
> On Sun, Feb 23, 2025 at 02:25:02PM +0200,
> Meir Kraushar via dns-operations <[email protected]> wrote
> a message of 135 lines which said:
>
> > The reply size of "dig sl any" is 5814 (!)
>
Which is probably not so useful for reflection attacks since very few
> name servers will serve this size over UDP.
>
This dig query was just a simple example to show the size or response, the
actual manner is of course different.
I do not know which servers allowed it, but the fact is that the targeted
victim saw on their network loads of fragmented UDP packets , and when
analyzing the content it led to .sl response.
Note that oracle.com is 3458 just with TXT QNAME.
>
--- End Message ---
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
