* Attacker sends (small) query to a lot of resolvers, spoofing the source adress to be the IP of the target
* Each NS replies with a (large) response, thus flooding the target with a lot of data
As long as there is no rate limiting in the nameservers used for the attack, this would work regardless of whether the answer is authoritative or not.
* Attacker sends (small) query to a lot of resolvers, spoofing the source adress to be the IP of the target
* Each NS replies with a (large) response, thus flooding the target with a lot of data
As long as there is no rate limiting in the nameservers used for the attack, this would work regardless of whether the answer is authoritative or not.