I have question regarding ddos attacks which use dns serwers as amplifiers. Most documentation focus on DNS serwers which allows for recursive queries from the world. And all such attacks are discussed/analyzed using recursive queries.
But it's not nececary to use recursive query, all you have to do is to use non-recursive query which will return ANY data (as much as possible) which will be returned later to spoofed address which is the victim. Am i wrong ? Do i miss something ?