Maintained by: NLnet Labs

[Unbound-users] Random subdomain flood query

Stephane Bortzmeyer
Tue Mar 31 16:49:57 CEST 2015


On Tue, Mar 31, 2015 at 11:34:09PM +0900,
 DarkSoul <darksoul at darkbsd.org> wrote 
 a message of 53 lines which said:

> Yes, these domains change quite often, unfortunately :(
> This is an attack called water torture.

Actually, no. I've seen very often the "water torture" or "random
qnames" attack and it is the first time I see in the wild such a rapid
change of the suffix.

https://blog.secure64.com/?p=377