[dns-operations] Limiting DNSSEC-based amplification attacks (Was: Weird TXT record
Ray Bellis
Ray.Bellis at nominet.org.uk
Wed Jun 22 12:52:15 UTC 2011
On 22 Jun 2011, at 13:25, Dobbins, Roland wrote:
> It's a state-table issue. Stateful firewalls should *not* be placed in front of/on servers, period.
Ah, that.
When you said "Self-DoS" I took that as meaning the self-DoS you get when you try to change your iptables rules whilst logged into the box remotely, and inadvertently finding yourself locked out by those changes.
Ray
More information about the dns-operations
mailing list