[dns-operations] happy september!

Ralf Weber dns at fl1ger.de
Tue Sep 6 14:15:05 UTC 2016


On 6 Sep 2016, at 13:35, Paul Vixie wrote:
> we are, again, talking about RRL and slip frames and blocking ANY and 
> using TCP as if it were reliable.
> so it must be september. three years ago, this was covered in depth, 
> here:
> http://www.circleid.com/posts/20130913_on_the_time_value_of_security_features_in_dns/
> blocking ANY remains as silly now as it ever was, and will be every 
> september to come.
Yeah I also had a groundhog day experience over the last couple of days, 
and while I agree with you on some points I still disagree with on that 
ANY blocking has no value. If that if is your only defence than it sure 
is silly, but if it is used as one tool in a toolbox that  has other 
tools like rate limiting or domain based blocking it is a valuable tool.

So long

More information about the dns-operations mailing list