[dns-operations] responding to spoofed ANY queries
SM
sm at resistor.net
Thu Jan 10 14:34:05 UTC 2013
Hi George,
At 01:53 10-01-2013, George Michaelson wrote:
>What makes you think they won't? I mean, isn't this a classic
>mistake of cold war defense modelling, that you assume your enemy
>will use weapons you can confidently defend against and ignore the
>ones you suspect you cannot?
There are parallels with antispam. The current suspect (ANY queries)
will be considered as bad. Abusers will move to the next low-hanging
fruit [1]. I would have to do something about the low-hanging fruit
if it turns into an operational problem.
The problem is amplification. It can only be mitigated.
Regards,
-sm
1. https://lists.dns-oarc.net/pipermail/dns-operations/2006-March/000135.html
More information about the dns-operations
mailing list