I think he means packet captures from an example, voluntarily-tested recursive nameserver subject to this attack.


On Wed, Oct 14, 2020 at 11:53 AM Casey Deccio <casey@deccio.net> wrote:
Hi Bryan,

> On Oct 14, 2020, at 12:43 PM, Bryan Holloway <bryan@shout.net> wrote:
>
> I too would like to know more about their methodology

We've written up our methodology and results in a paper that will be available in a few weeks.  Happy to post it here if folks are interested.  Obviously, no networks are individually identified; it's all aggregate.

Also, we're working on a self-test tool, but it's not quite ready yet.  Sorry.

> and actual tangibles ideally in the form of PCAPs.

What do you mean by "tangibles in the form of PCAPs"?

Casey