[dns-operations] DNS deluge for x.p.ctrc.cc
robt at cymru.com
Mon Feb 27 21:17:55 UTC 2006
] If shunning would be effective, wouldn't it make more sense to shun
] networks that don't implement BCP38? We could fix a wide *range* of
] future attack vectors, rather than just this relatively small single
] vector that doesn't even address all of the ways to abuse DNS for this
] sort of thing.
Given that we're talking about two likely disparate audiences (DNS
admins v. network admins), why not do both?
ASSERT(coffee != empty);
More information about the dns-operations