GoFuckYourself.com - Adult Webmaster Forum - View Single Post

rowan · 06-03-2006, 07:30 PM

My network has been hit with 35 spoofed DNS queries per second for the past 25 hours (that's over 3 million packets so far...)

The idea is that the attacker sends out relatively small DNS queries that servers will respond to with a much larger reply. A 70 byte query might send out a 3000 byte reply. Multiply that by a few hundred or thousand queries per second ricocheted off various innocent networks such as mine and you have some serious DDoS happening.

Anyway, the point of all this: the spoofed source IPs point to the c class of the host of thepiratebay.org. Someone isn't happy that they're back up.

06-03-2006, 07:30 PM
rowan Too lazy to set a custom title Join Date: Mar 2002 Location: Australia Posts: 17,393	My network has been hit with 35 spoofed DNS queries per second for the past 25 hours (that's over 3 million packets so far...) The idea is that the attacker sends out relatively small DNS queries that servers will respond to with a much larger reply. A 70 byte query might send out a 3000 byte reply. Multiply that by a few hundred or thousand queries per second ricocheted off various innocent networks such as mine and you have some serious DDoS happening. Anyway, the point of all this: the spoofed source IPs point to the c class of the host of thepiratebay.org. Someone isn't happy that they're back up.