[dns-operations] Should medium-sized companies run their own recursive resolver?
fergdawgster at mykolab.com
Wed Oct 16 20:58:31 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
On 10/16/2013 1:44 PM, James Cloos wrote:
>>>>>> "PH" == Paul Hoffman<paul.hoffman at vpnc.org> writes:
> PH> Should that company run its own recursive resolver for its
> PH> employees, or should it continue to rely on its ISP?
> *Every* site should run its own (preferably verifying) resolver.
I have no problem with that as long as they are not open resolvers -- we
already have somewhere in the neighborhood of 28-30 million of them that
pose a direct threat to the health & wellbeing of the Internet at-large
because they can be used to facilitate DNS amplification attacks.
- - ferg
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.2.0 (Build 2317)
-----END PGP SIGNATURE-----
Vice President, Threat Intelligence
Internet Identity, Tacoma, Washington USA
IID --> "Connect and Collaborate" --> www.internetidentity.com
More information about the dns-operations