To:
Robert Elz <kre@munnari.OZ.AU>
Cc:
Edward Lewis <edlewis@arin.net>, dnsop@cafax.se
From:
Markus Stumpf <maex-lists-dns-ietf-dnsop@Space.Net>
Date:
Thu, 27 Jun 2002 20:25:17 +0200
Content-Disposition:
inline
In-Reply-To:
<22255.1024986572@munnari.OZ.AU>; from kre@munnari.OZ.AU on Tue, Jun 25, 2002 at 01:29:32PM +0700
Sender:
owner-dnsop@cafax.se
User-Agent:
Mutt/1.2.5.1i
Subject:
Re: is this proper behavior?
On Tue, Jun 25, 2002 at 01:29:32PM +0700, Robert Elz wrote: > Sounds like djb's "thing" - his opinion was that if you asked his server > for something for which it hadn't been configured, it would simply ignore > you (no answer of any kind). Yeah! Kewl isn't it? Script kiddies send queries for MX hotmail.com from spoofed addresses and it doesn't work (i.e. 29 bytes query vs 507 bytes answer would be a multiplicator of about 17 and is even more effective as a ping to the broadcast address of a /28). At least however you have 29 bytes query vs 29 bytes answer from a REFUSED answer and it's your DNS Server that shows up on the target. \Maex -- SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0 Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299 "The security, stability and reliability of a computer system is reciprocally proportional to the amount of vacuity between the ears of the admin"