New Denial of Service Attack on Panix

Paul A Vixie writes...


I don't think you can, there's no pattern. You could rotate your server
address using a very short DNS TTL, though the attacker can follow the
changes using DNS so this isn't all that useful even if it would be fun.

But if the attacker also followed the changes, then he'd have to be
constantly querying a name server that presumably is somewhat easier
to monitor than some router at some other provider. Although, I guess
a smart attacker would compile a list of thousands of servers that he
could randomly select from that would happily forward the request for
him, so we're back to pretty much the same old random random source

It almost seems like it could be a good idea.