> 1) The Internet has a limited number of root name > servers. I'm going to make a stab in the dark, but this also assumes that nameservers don't cache translations, and by nameservers I mean the ones on ISPs and localhosts around the world. This would mean that a DoS would have to operate until the cache expired, by which time the attacking hosts could have been filtered, or the root nameservers could have been kicked. > 2) An application can easilly be created to perform a > DOS attack on these root servers. As I've said previously, DDos wouldn't work particularly well, because there's a lot of hosts to hit, and the root nameservers are fairly well maintained. The next suggestion would be just a typical memory leaky-thingy (I love technical terms) or something along those lines to kill the named. This is also fairly difficult as the primary nameservers run different nameds (as far as I know), and so would require multiple applications to be flawed. my first post, yay. -- Felix Harris (Felix-_@IRCNet) felixat_private
This archive was generated by hypermail 2b30 : Tue Jul 24 2001 - 18:59:16 PDT