Dear colleagues, This article by Petr Špaček of CZ.NIC describes a newly discovered DNS protocol vulnerability that affects all recursive DNS resolvers. NXNSAttack allows the execution of random subdomain attacks using the DNS delegation mechanism, resulting in a big packet amplification factor.
Please read more about this on RIPE Labs: https://labs.ripe.net/Members/petr_spacek/nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack Kind regards, Mirjam Kühne RIPE NCC
