[dns-operations] Amplification attack today ?
Florian Weimer
fw at deneb.enyo.de
Mon Mar 5 09:30:31 UTC 2007
* Michael Monnerie:
> That's what I mean. It has to be transported over media into the admins
> ears and brains, that you will be blacklisted if your DNS setup is
> crap.
Just because your tests show that some server provides recursive
service to you, the setup is not necessarily "crap". It's harder to
operate a DNS resolver in a responsible way if you provide public
recursive service, but it's not impossible. Given the choice, I
certainly prefer a well-monitored, maintained open DNS resolver to a
closed authoritative/resolver combination running on autopilot.
More information about the dns-operations
mailing list