[dns-operations] resolvers considered harmful
Simon.Munton at cdns.net
Thu Oct 23 07:41:11 UTC 2014
If a poisoning attack does not require access to a resolver, surely the
same attack will not require access to the end host?
Comes down to the age old argument of one big machine (easier to secure
but provides a bigger target) to billions of little machines (almost
impossible to be all secure but each target is smaller).
On 23/10/14 02:07, Mark Allman wrote:
> Could there be attacks against the internal lookup process on a host?
> Of course. But, those are attacks that require some sort of access to
> the end host first.
More information about the dns-operations