6 Apr
2012
6 Apr
'12
2:08 p.m.
On Fri, Apr 6, 2012 at 12:52 PM, PC <paul4004@gmail.com> wrote:
Of course you'd have to actually be running a poorly configured DNS server on that IP for this to work...
Right.... was that IP ever running a DNS service? Picking random IPs to spoof and hope some of the random IPs happen to be DNS servers doesn't sound like a very "efficient" attack. It seems like the attacker would want to 'probe first' before selecting innocent servers to reflect at Perhaps 2 or 3% of the possible random IPs on the internet actually run DNS servers that could possibly respond to spoofed queries? -- -JH