LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for February 16, 2012

Book review: Open Advice

Linux support for ARM big.LITTLE

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Spam Sites Crippled by Lycos Screensaver DDoS (Netcraft)

Spam Sites Crippled by Lycos Screensaver DDoS (Netcraft)

Posted Dec 9, 2004 13:26 UTC (Thu) by copsewood (subscriber, #199)
In reply to: Spam Sites Crippled by Lycos Screensaver DDoS (Netcraft) by pflugstad
Parent article: Spam Sites Crippled by Lycos Screensaver DDoS (Netcraft)

>It was fairly sophisticated and would be quite difficult to stop.

To stop it you would have to get the ISP handling the IP for the spammers DNS server to pull that DNS server off the network, or get the ISPs upstream provider to block that IP address if the ISP takes too long to respond. If the spammer running this DNS server sent out responses to all enquiries prior to the DNS server being shut down with a long TTL, this would determine a window of opportunity for this crack to continue working. Does DNS have a maximum value for TTL on A records ? The problem is then the cached copies of these records and how long it takes for these to be dropped by the DNS caches.

(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds