Subject: Flood ping directed at a NetBSD box == loads of DNS requests
To: None <email@example.com>
From: Chris Tribo <firstname.lastname@example.org>
Date: 07/09/2002 18:28:36
I have ipf running, looking at ipfstat -t. Now I flood ping my box
from another machine and I see screen fulls of outgoing DNS requests. They
just keep going following something resembling a root function to a peak
of around 40 or so open requests per second. Why is my machine constantly
looking up the same IP address over and over again and not hitting a
cache? This doesn't look too hard to turn into a DoS with enough machines.
Am I missing something here? Shouldn't the resolver have cached the
IP<->hostname pair by now?
NetBSD amnesiac 1.6B NetBSD 1.6B (amnesiac) #2: Thu Jul 4 06:36:27 EDT