[dns-operations] responding to spoofed ANY queries
Router Log
logrouterlog at gmail.com
Thu Jan 17 08:47:18 UTC 2013
I would be in favour of either a compiler directive or configuration option
to disable support for ANY queries.
I'd save the time used in editing the code myself
Peter Davies
On Thu, Jan 17, 2013 at 5:39 AM, Vernon Schryver <vjs at rhyolite.com> wrote:
> > From: "Frank Bulk" <frnkblk at iname.com>
>
> > Perhaps the ratio could be a dynamic whitelist -- if it's 1.5 or less,
> then
> > allow the response to go out.
>
> What would be gained by spending the code complexity and CPU cycles
> such a mechanism would require? What bad things would be avoided
> or good things achieved?
>
> (Please do not mention false positives, because that notion of false
> positive is irrelevant and does not happen with RRL.)
>
>
> Vernon Schryver vjs at rhyolite.com
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20130117/cd58a1c0/attachment.html>
More information about the dns-operations
mailing list