On Tue, Mar 26, 2013 at 7:04 PM, Matthew Petach <mpet...@netflight.com>wrote:
> On Tue, Mar 26, 2013 at 6:06 PM, John Levine <jo...@iecc.com> wrote: > >>As a white-hat attempting to find problems to address through legitimate > means, how > >>do you … > > > > You make friends with people with busy authoritative servers and see > > who's querying them. > > I'm confused. Don't most authoritative servers have to > answer to just about anyone in order to be useful? > > Matt > Authoritative DNS servers need to implement rate limiting. (a client shouldn't query you twice for the same thing within its TTL).