[dns-operations] .se being used as seed data in dns attacks
Matt Ghali
matt at snark.net
Thu Aug 10 23:59:22 UTC 2006
On Thu, 10 Aug 2006, Edward Lewis wrote:
> Welcome to DNSSEC. That's what DNSSEC is. A lot more bytes and
> records. When I ran dig at the a server:
> ...
> This is why I've pushed back on the notion that open recursive name
> servers are the most evil being on the face of the planet. Sooner or
> later there will be a plethora of authoritative servers to use for
> amplification.
>
> It's not that DNSSEC has a choice. There's no DNSSEC-lite
> alternative that was passed over. Just about any improvement on DNS
> will bloat the answers in one way or another.
I, for one, completely agree with you, Ed- DNSSEC is without doubt
the most evil being on the face of the planet- dwarfing any sort of
ORN badness.
matto
--matt at snark.net------------------------------------------<darwin><
Moral indignation is a technique to endow the idiot with dignity.
- Marshall McLuhan
More information about the dns-operations
mailing list