[dns-operations] DNS "security" and DDoS attacks
Jim Reid
jim at rfc1035.com
Mon Mar 29 14:32:17 UTC 2010
On 29 Mar 2010, at 14:48, George Barwood wrote:
> Securing the transmission channel has many security benefits
Define what you mean by "securing the transmission channel"
> in particular it stops various denial of service attacks.
Nope. It's just not possible to prevent DoS attacks on DNS because of
the fundamental nature of what the DNS is: an open and globally
pervasive infrastructure. The only way to prevent DoS attacks would be
to stop people using the DNS.
More information about the dns-operations
mailing list