* Chris Adams: > At that point, random botnets are not the problem. If you get an > excessive number of queries from a customer, you can shut off the > customer (because either they have broken software or they're infected).
This is not what happens in practice because query anomalies tend to come in clusters, either because customers in the same region tend to pick up similar malware or because they deliberately use the same nominally non-malicious software which exhibits query anomalies (perhaps because you've shipped it to them yourself). Reflection through broadband routers is a possibility as well, unfortunately. _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
