Stephen Samuel wrote:
| To put it another way: UDP as a purely connectionless
| protocol is fast becoming a liability in situations where
| significant amplification is possible.

My thoughts exactly. This attack is possible because of a design limitation of UDP (and other connectionless protocols).

I realise that DNS is receiving attention because of its ubiquity on the Internet, but this type of attack can leverage any service that responds with a reply packet larger than the initial query packet where the protocol used is connectionless.

TCP/IP is showing its age (again).

Thanks,
Paul
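
Added example, not part of the original message: a Python check over UDP flow records for the two defender-visible signs of the problem discussed above, namely a service of your own whose replies outweigh its queries, and replies arriving that no local host asked for. The flow records, the addresses (documentation ranges), port 7777 and the 2.0 threshold are constructed assumptions.

```python
from collections import defaultdict

SERVICE_PORTS = {53, 7777}  # 53 = DNS; 7777 is a hypothetical UDP service

# Constructed sample records: (src_ip, src_port, dst_ip, dst_port, payload_bytes)
FLOWS = [
    ("198.51.100.7", 40000, "192.0.2.53", 53, 64),     # query
    ("192.0.2.53", 53, "198.51.100.7", 40000, 3072),   # much larger reply
    ("198.51.100.8", 40001, "192.0.2.53", 53, 64),
    ("192.0.2.53", 53, "198.51.100.8", 40001, 128),
    ("198.51.100.9", 5000, "192.0.2.77", 7777, 48),
    ("192.0.2.77", 7777, "198.51.100.9", 5000, 48),    # reply same size as query
    ("203.0.113.20", 53, "192.0.2.10", 33333, 4000),   # reply nobody asked for
]

def amplification_factors(flows, service_ports=SERVICE_PORTS):
    """Return {(server_ip, port): reply_bytes / query_bytes} per service."""
    query_bytes, reply_bytes = defaultdict(int), defaultdict(int)
    for src, sport, dst, dport, size in flows:
        if dport in service_ports:        # client -> service
            query_bytes[(dst, dport)] += size
        elif sport in service_ports:      # service -> client
            reply_bytes[(src, sport)] += size
    return {svc: reply_bytes[svc] / q for svc, q in query_bytes.items() if q}

def risky_services(flows, threshold=2.0):
    """Services whose replies exceed their queries by more than `threshold`."""
    factors = amplification_factors(flows)
    return sorted(svc for svc, f in factors.items() if f > threshold)

def unsolicited_replies(flows, service_ports=SERVICE_PORTS):
    """Replies with no earlier query on the reversed 4-tuple.

    Because UDP has no handshake, the source address of a query is not
    verified; a host receiving such replies may be the spoofed 'sender'.
    """
    seen, orphans = set(), []
    for src, sport, dst, dport, size in flows:
        if dport in service_ports:
            seen.add((src, sport, dst, dport))
        elif sport in service_ports and (dst, dport, src, sport) not in seen:
            orphans.append((src, sport, dst, dport, size))
    return orphans

if __name__ == "__main__":
    print("amplification:", amplification_factors(FLOWS))
    print("risky:", risky_services(FLOWS))
    print("unsolicited:", unsolicited_replies(FLOWS))
```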