[dns-operations] responding to spoofed ANY queries

SM sm at resistor.net
Thu Jan 10 14:34:05 UTC 2013

Hi George,
At 01:53 10-01-2013, George Michaelson wrote:
>What makes you think they won't? I mean, isn't this a classic 
>mistake of cold war defense modelling, that you assume your enemy 
>will use weapons you can confidently defend against and ignore the 
>ones you suspect you cannot?

There are parallels with antispam.  The current suspect (ANY queries) 
will be considered as bad.  Abusers will move to the next low-hanging 
fruit  [1].  I would have to do something about the low-hanging fruit 
if it turns into an operational problem.

The problem is amplification.  It can only be mitigated.


1. https://lists.dns-oarc.net/pipermail/dns-operations/2006-March/000135.html 

More information about the dns-operations mailing list