On Thu, 1 Feb 2007, Justin Shore wrote:

Jon Lewis wrote:

...

2) maps.vix.com. 604800 IN NS u1.vix.com. maps.vix.com. 604800 IN NS u2.vix.com. maps.vix.com. 604800 IN NS u3.vix.com. ... [as many as you like] u1.vix.com. 604800 IN A 192.0.2.1 u2.vix.com. 604800 IN A 192.0.2.2 u3.vix.com. 604800 IN A 192.0.2.3 ... [as many as you like]

1) just tells them there is no NS, go away.

2) gives them someone unreachable to try, which they'll do, and do, and do, wasting lots of retransmitted queries and the time it takes them to timeout. If you're lucky, the timeouts might be noticed as increased load and mail slowdown on the servers sending these queries.

Or you could just point them at a spammer's DNS. That's what the query is all about anyhow. Just let the spammer give the appropriate response. Wouldn't that be fun? I wonder how beefy Linhardt's NSs are....

Yeah, that'd be barrels of fun when the spammer sues you for orchestrating a DDoS against them in the form of bogus DNS queries. Next. ---------------------------------------------------------------------- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________