[dns-operations] responding to spoofed ANY queries

Router Log logrouterlog at gmail.com
Thu Jan 17 08:47:18 UTC 2013

I would be in favour of either a compiler directive or configuration option
to disable support for ANY queries.
I'd save the time used in editing the code myself

Peter Davies

On Thu, Jan 17, 2013 at 5:39 AM, Vernon Schryver <vjs at rhyolite.com> wrote:

> > From: "Frank Bulk" <frnkblk at iname.com>
> > Perhaps the ratio could be a dynamic whitelist -- if it's 1.5 or less,
> then
> > allow the response to go out.
> What would be gained by spending the code complexity and CPU cycles
> such a mechanism would require?  What bad things would be avoided
> or good things achieved?
> (Please do not mention false positives, because that notion of false
> positive is irrelevant and does not happen with RRL.)
> Vernon Schryver    vjs at rhyolite.com
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20130117/cd58a1c0/attachment.html>

More information about the dns-operations mailing list