by toast0 3134 days ago
Here's a blog entry [1] about an attack in 2016, with some references to other attacks.

The thing is, you have to maintain an attack for a long time to effectively disrupt service.

The root zone is published -- I imagine large recursive caches may use a local copy, rather than actually querying the root servers; but if they do query the root, the TTLs are 2 days; there's a pretty good chance your recursive resolver will have com. cached. The com. servers also give a 2 day TTL, so for popular domains, there's a good chance those are cached too. DDoS on the nameservers for domains can be effective, though. Even then, it's usually not a total outage.

[1] https://blog.thousandeyes.com/ddos-attack-varying-impacts-dn...