North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Sitefinder and DDoS
On Thu, 9 Oct 2003, Kee Hinckley wrote: > At 10:41 PM +0300 10/9/03, Petri Helenius wrote: > >With $100M annual revenue at stake, I would be willing to provide > >distributed solutions > >to this problem if you send me a reasonable fraction of that money. > > But can you do it without breaking the assumption that any lookup on > *.TLD will always return the same value as badxxxdomain.TLD? Well, the problem space is that a wildcard is involved. Since 1034 indicates that the answer for '*.something' is the same as 'otherwise-unmatched.something', I think this assumption is fairly safe. The assumption is not safe if the authoritative nameservers for the underlying zone are not performing according to the DNS specs; ie, they have synthesised answers that are not from a wildcard (which can be queried). --==-- Bruce.