-
Attacker might generate fake NS records pointing to victim's DNS zone. If the zone contains wildcard the attacker might force us into packet exchange with a (lame) DNS server on that IP address. We now limit number of consecuctive failures and kill whole request if limit is exceeded.
Attacker might generate fake NS records pointing to victim's DNS zone. If the zone contains wildcard the attacker might force us into packet exchange with a (lame) DNS server on that IP address. We now limit number of consecuctive failures and kill whole request if limit is exceeded.
Loading