[dns-operations] summary of recent vulnerabilities in DNS security.

Colm MacCárthaigh colm at stdlib.net
Wed Jan 15 18:42:21 UTC 2014

On Wed, Jan 15, 2014 at 5:06 AM, Hannes Frederic Sowa <
hannes at stressinduktion.org> wrote:
> Would it be of interest to get the state of fragmentation on incoming
> datagrams by e.g. ancillary data on recvmsg so resolvers could check if
> the incoming packet was fragmented then drop and retry if it was below
> a certain size?

Yes, I'd appreciate that capability at least. It would also be nice to be
able to reject re-assembled datagrams whose fragments had different IP TTL

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20140115/522567f5/attachment.html>

More information about the dns-operations mailing list