bert hubert wrote:

> correction! Re: The math of kaminsky-spoofing a randomising source port resolver

Why do you call such a well known vulnerability of DNS, which was
documented in section 2.2 of RFC3822 in 2004 several years after it
had been publicly known, kaminsky-spoofing?

> This is assuming 100 bytes per attempt, which at 50000 packets/s is around
> 40 megabits/s. Given some overhead, make it a good 50 megabits/s.

Your bandwidth figure is applicable to attackers but not to victims of
the attackers attacking many victims at once.

So, if an attacker has 1000 victims, the attacker needs 1/1000 less
time to compromise one or more victims of the attacker than an attacker
with only one victim, and each victim feels 1/1000 less amount of traffic.

Masataka Ohta
