[dns-operations] summary of recent vulnerabilities in DNS security.
colm at stdlib.net
Wed Jan 15 18:42:21 UTC 2014
On Wed, Jan 15, 2014 at 5:06 AM, Hannes Frederic Sowa <
hannes at stressinduktion.org> wrote:
> Would it be of interest to get the state of fragmentation on incoming
> datagrams by e.g. ancillary data on recvmsg so resolvers could check if
> the incoming packet was fragmented then drop and retry if it was below
> a certain size?
Yes, I'd appreciate that capability at least. It would also be nice to be
able to reject re-assembled datagrams whose fragments had different IP TTL
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dns-operations