[dns-operations] if you're banning ANY queries, don't forget to ban SOA as well
Tony Finch
dot at dotat.at
Tue Sep 6 09:55:05 UTC 2016
Roland Dobbins <rdobbins at arbor.net> wrote:
>
> Also, note that some attackers set up their own domains with large records
> precisely in order to use them for reflection/amplification attacks.
>From my point of view, I see this as a win for minimal-any, since it means
the attackers aren't using my infrastructure for their evil purposes. More
minimal-any makes attacks more difficult.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/ - I xn--zr8h punycode
South Biscay: Easterly 5 or 6. Moderate. Fair. Good.
More information about the dns-operations
mailing list