On Mar 26, 2013, at 08:01 , "Dobbins, Roland" <rdobb...@arbor.net> wrote: > On Mar 26, 2013, at 6:50 PM, Jamie Bowden wrote: > >> let's suppose I just happen to have, or have access to, a botnet comprised >> of (tens of) millions of random hosts all over the internet, and I feel like >> destroying your DNS servers via DDoS; > > DNS reflection/amplification attacks aren't intended as attacks against the > DNS, per se; they're intended to crush any/all targeted servers and/or fill > transit pipes.
To be more clear, the point of DNS reflection attacks is to amplify the amount of bandwidth the botnet can muster (and perhaps hide the true source). If you have 10s of millions of bots, you don't need to amplify. You can crush any single IP address on the 'Net. > Same for SNMP and ntp reflection attacks. And far too many other things. :( -- TTFN, patrick
