[dns-operations] DNS Attack over UDP fragmentation
Stephane Bortzmeyer
bortzmeyer at nic.fr
Thu Sep 5 09:11:58 UTC 2013
On Wed, Sep 04, 2013 at 05:01:47PM +0000,
Dan York <york at isoc.org> wrote
a message of 32 lines which said:
> My interest in understanding this attack is to understand how severe
> it may be and whether or not it would be prevented by full
> deployment of DNSSEC.
My opinion is that, yes, it is a real and practical attack, and it
could be prevented by full deployment of DNSSEC. (Deploying IPv6 would
help, too, for the reasons explained here.)
More information about the dns-operations
mailing list