NetReg will DOS itself with Blaster

Phil.Rodrigues at Phil.Rodrigues at
Tue Aug 19 16:20:17 GMT 2003

Hi all,

NetReg, by default, will redirect all namelookups to itself, including  This is how it is designed.  Unfortunately, this means 
that hosts that are carried into your network by students that are already 
infected with Blaster will DOS (TCP port 80 synflood) the web server on 
NetReg, since they get leases with a DNS server that redirects to NetReg, which will cause the web server not to 

We added a name record for that points to to 
the DNS server on our NetReg box, which should solve the problem.  Maybe 
you were smarter than us and already did this - if not, do it now.


Philip A. Rodrigues
Network Analyst, UITS
University of Connecticut

email: phil.rodrigues at
phone: 860.486.3743
fax: 860.486.6580

More information about the unisog mailing list