Composed on a virtual keyboard, please forgive typos. On Mar 26, 2013, at 18:27, "Dobbins, Roland" <rdobbins@arbor.net> wrote:
On Mar 26, 2013, at 3:13 PM, Nick Hilliard wrote:
The whole point of this thread is that dns amplification hurts other people, not the resolver which is being abused.
Actually, it often hurts the resolver(s) being abused, as well, leading to availability problems for those who legitimately need the recursive service in question.
On more than one occasion, the operator of an open resolver being used to amplify an attack at our network has called / emailed asking us to stop abusing them. It seems the query rate "we" were sending them was crippling their servers. Sometimes they threaten to filter us. How thoughtful of them! Reminds me of: "Yer h4x0ring me on port 80!!1!1!!1" -- TTFN, patrick