In message <606F1AD6-F86A-436B-972E-1F204C64464C@menandmice.com>,
Chris Buxton wrote:

>Yes. There is an attack based on DNS queries with forged source
>addresses.
>
>{basic description of DNS amplification attack scenario snipped}


Although "open" recursive servers are certainly the easiest way to
obtain the kinds of amplification needed to make an attack of this
type truly menacing, I have long wondered if that's really the only
way to obtain serious amplification for such an attack.

Wouldn't it perhaps be more accurate to say that _any_ DNS server
that is willing and able to serve up _any_ responses (even ones for
zones for which it is authoritative) which are significantly larger
than the relevant queries could be exploited as amplifiers, and thus
be used as part of such an attack?