On Mar 19, 2010, at 9:41 AM, Ted Lemon wrote: > On Mar 19, 2010, at 12:20 PM, Nicholas Weaver wrote: >> HAHAHA. Not bloodly likely IMO: a lot of the "open resolvers" are broken >> end-user NATS and similar. Those will only be updated sometime around when >> hell freezes over. > > Stuff gets updated when its brokenness becomes obvious to the person who owns > it. So revealing its brokenness is a mitzvah.
But its not broken for the person doing it. In fact, given it costs $10-50 to replace ($10 for a reflash when you consider time and effort) and, with flat rate internet billing, $0 to maintain as 'broken', unless the ISP is going to cut the person off, it makes no sense for them to fix! And the ISP has no reason either, as people are not using this for significant DOS attacks anyway: application level DOS is where its at if you are going to burn bots (which are a REAL resource) for DOS attacks, due to a combination of far greater effectiveness AND the widespread use of filters against spoofed packets. So why spend $10- _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
