[dns-operations] if you're banning ANY queries, don't forget to ban SOA as well
Andrew Sullivan
ajs at anvilwalrusden.com
Sun Sep 4 12:57:46 UTC 2016
On Sat, Sep 03, 2016 at 09:07:25PM -0700, Damian Menscher wrote:
> I understand that RRL can help in the case of amplification directly off
> authoritative servers, but I've never seen an attacker do that (or perhaps
> just didn't notice).
Probbly the latter (or you're looking at the wrong servers). I've
seen it plenty.
A
--
Andrew Sullivan
ajs at anvilwalrusden.com
More information about the dns-operations
mailing list