[dns-operations] DNS greylisting?

Sam Norris Sam at ChangeIP.com
Tue Mar 7 20:16:30 UTC 2006

> The idea is to use SYN cookies to whitelist "good" addresses, without
> keeping too much state servers-side.  You can use CNAME RRs to
> implement pure UDP-based cookies, by the way.  (Riverhead applied for
> a patent on such techniques, IIRC.)

Patent:  http://snipurl.com/nahn

Too many resolvers would break because they never implemented DNS over TCP.


More information about the dns-operations mailing list