On Wed, 14 Mar 2007, Joe Abley wrote:
>
> On 14-Mar-2007, at 20:55, Dean Anderson wrote:
>
> > That scheme requires a high traffic site.
>
> Certainly, that's one way to do it. About two in five people being
> hammered by legions of slashdot weenies says "yes" when asked "would
> you like me to host that large file for you?" so it's not exactly
> hard to organise.
You aren't getting it. Saying "yes", and having the bandwidth to do it
are very different things. I think they have a term for small sites
hosting (for a short while anyway) a popular file.
However, my point is this: Those who have the big bandwidth, also have
more oversight. Besides management they have lawyers, contracts, laws,
torts, rules, etc.
> Other approaches for exercising resolvers are to embark on some other
> exercise which triggers DNS lookups as a side-effect, such as port
> scanning, or sending bulk unsolicited mail (or even just doing a lot
> of SMTP connects and then dumping the connection without sending mail).
This exercises resolvers, but doesn't reveal open recursors--they still
need to be tested. It also requires a great deal of effort. Sending a
lot of bulk email is obviously going to draw some complaints, and port
scanning is also going to draw some unwanted attention.
This is easier than simply scanning domains for large records or abusing
the roots? You are straining pretty hard, now.
> > Obviously, logging requests to root servers also produces a pretty
> > complete list of recursors after a time.
>
> That requires access to a root server, though, and it's not clear to
> me that many root server operators would be happy to give that access
> for the purpose of building a list of open recursive nameservers in
> order to provide amplification for a botnet.
Yes, I agree, one wouldn't think root server operators would do so on
purpose. But I've previously found ISP admins who performed such
similar abuse. Its possible that root operators might hire the wrong
kind of person.
> > However, LittleScriptKiddie (tm) doesn't have those capabilities.
>
> Whatever you prefer to believe, Dean ;-)
I believe you should have to prove your claims are true. If they are
true, it shouldn't be hard. What I believe, and what you believe is
mostly irrelevant---Its the truth of your assertions that matters. And
so far, you haven't proven them.
--Dean
--
Av8 Internet Prepared to pay a premium for better service?
www.av8.net faster, more reliable, better service
617 344 9000
_______________________________________________
DNSOP mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dnsop
