On 14-Mar-2007, at 20:55, Dean Anderson wrote:
That scheme requires a high traffic site.
Certainly, that's one way to do it. About two in five people being hammered by legions of slashdot weenies says "yes" when asked "would you like me to host that large file for you?" so it's not exactly hard to organise.
Other approaches for exercising resolvers are to embark on some other exercise which triggers DNS lookups as a side-effect, such as port scanning, or sending bulk unsolicited mail (or even just doing a lot of SMTP connects and then dumping the connection without sending mail).
Obviously, logging requests to root servers also produces a pretty complete list of recursors after a time.
That requires access to a root server, though, and it's not clear to me that many root server operators would be happy to give that access for the purpose of building a list of open recursive nameservers in order to provide amplification for a botnet.
However, LittleScriptKiddie (tm) doesn't have those capabilities.
Whatever you prefer to believe, Dean ;-) Joe _______________________________________________ DNSOP mailing list [email protected] https://www1.ietf.org/mailman/listinfo/dnsop
