To: dnsop@cafax.se
From: Markus Stumpf <maex-lists-dns-ietf-dnsop@Space.Net>
Date: Fri, 28 Jun 2002 00:23:46 +0200
Content-Disposition: inline
In-Reply-To: <20020627122050.A14671-100000@shell.nominum.com>; from Roy.Arends@nominum.com on Thu, Jun 27, 2002 at 12:26:23PM -0700
Sender: owner-dnsop@cafax.se
User-Agent: Mutt/1.2.5.1i
Subject: Re: is this proper behavior?

On Thu, Jun 27, 2002 at 12:26:23PM -0700, Roy Arends wrote:
> No, it's not. 29 bytes vs 507 bytes is 1 packet vs 1 packet. Broadcast
> related DoS is 1 packet vs N packets.
> 
> You're comparing apples and oranges.

Pardon? I compare bytes/bandwidth with bytes/bandwidth.
Nobody denies that splitting the bytes to a lot of packages puts more
load on the routers, but if you have a 10 Mbit leased line and you get
loaded with 20 Mbit you don't really care if it's 1 thousand or 1
million packets.

Even worse, as the target has no associated UDP port open (most likely)
the local host additionally generates an outgoing ICMP packet.

Read
    http://www.s0ftpj.org/docs/spj-002-000.txt
for an insight.

And I don't say it doesn't work with djbdns also, it's only not as easy,
because you can't simply send it anything and get an answer.

	\Maex

-- 
SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
 proportional to the amount of vacuity between the ears of the admin"