[dns-operations] if you're banning ANY queries, don't forget to ban SOA as well

Tony Finch dot at dotat.at
Tue Sep 6 09:55:05 UTC 2016

Roland Dobbins <rdobbins at arbor.net> wrote:
> Also, note that some attackers set up their own domains with large records
> precisely in order to use them for reflection/amplification attacks.

>From my point of view, I see this as a win for minimal-any, since it means
the attackers aren't using my infrastructure for their evil purposes. More
minimal-any makes attacks more difficult.

f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/  -  I xn--zr8h punycode
South Biscay: Easterly 5 or 6. Moderate. Fair. Good.

More information about the dns-operations mailing list