This post from yesterdays internet storm center diary is worth a mention, the concept is very simple and very clever; the attack spoofs a recursive DNS query which has a short request and a long response, i.e. the amount of data sent in the reply from the DNS server ...