[dns-operations] Limiting DNSSEC-based amplification attacks (Was: Weird TXT record
Ray Bellis
Ray.Bellis at nominet.org.uk
Wed Jun 22 11:27:28 UTC 2011
On 22 Jun 2011, at 11:50, Marco Davids (SIDN) wrote:
But before you deploy that, make sure your host based firewall
understands IPv6 fragments.
I *did* say "working" ;-)
Anyhow, the point was that it's a lot harder to lock yourself out of your own box by b0rking your IPv4 firewall rules if you've got a separate set of rules for IPv6.
Ray
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20110622/fb0011c5/attachment.html>
More information about the dns-operations
mailing list