On Sun, Jul 09, 2006 at 01:24:17PM +0300,
Pekka Savola [EMAIL PROTECTED] wrote
a message of 46 lines which said:
The attacker could just use whatever 3rd party DNS records that
already exist, right?
Existing actual records do not typically provide a good amplification,
they are often too
Hi,
In general, this was a good document. A couple of comments:
1. The attacker starts by configuring a record (LRECORD) on any zone
he has access to (AZONE), normally with large RDATA and TTL.
== AFAICS, this step is not necessary. The attacker could just use
whatever 3rd party