FYI - IP tunnelling via DNS
Paul A Vixie
vixie at mibh.net
Mon Sep 11 05:34:36 UTC 2000
> A better method would be to perform some form of data traffic
> analysis. There must be a significant number of queries to a
> particular DNS in order for this to be effective.
well, no, there mustn't particularly. given the way the DDoS field is
shaping up, i think there can be considered to be enough anonymous "0wn3d"
hosts, distributed well enough, that the only traffic shaping that would
work for more than a few weeks is against the "inside" client of this.
More information about the bind-workers
mailing list