On Mon, 18 Aug 2008, bert hubert wrote:
> On Sun, Aug 17, 2008 at 11:42:39PM -0400, Dean Anderson wrote:
>
> > TCP isn't susceptible to this kind of attack at all. TCP spoofing is
>
> While this is true, it turns out the current crop of authoritative
> nameservers, including mine, is not up to serving thousands of
> requests/second over TCP. Or at least not thousands of new sessions/second.

I agree. TCP connection caching is necessary.

> I'm working on in-place spoofing countermeasures and I've already had to
> stop my tests because I ended up overloading the authentic authoritative
> servers with TCP queries.

I am interested in helping with this.

--Dean
--
Av8 Internet Prepared to pay a premium for better service?
www.av8.net faster, more reliable, better service
617 344 9000
_______________________________________________
DNSOP mailing list
https://www.ietf.org/mailman/listinfo/dnsop