[dns-operations] Amplification attack today ?
fw at deneb.enyo.de
Mon Mar 5 09:30:31 UTC 2007
* Michael Monnerie:
> That's what I mean. It has to be transported over media into the admins
> ears and brains, that you will be blacklisted if your DNS setup is
Just because your tests show that some server provides recursive
service to you, the setup is not necessarily "crap". It's harder to
operate a DNS resolver in a responsible way if you provide public
recursive service, but it's not impossible. Given the choice, I
certainly prefer a well-monitored, maintained open DNS resolver to a
closed authoritative/resolver combination running on autopilot.
More information about the dns-operations