[dns-operations] happy september!
Ralf Weber
dns at fl1ger.de
Tue Sep 6 14:15:05 UTC 2016
Moin!
On 6 Sep 2016, at 13:35, Paul Vixie wrote:
> we are, again, talking about RRL and slip frames and blocking ANY and
> using TCP as if it were reliable.
>
> so it must be september. three years ago, this was covered in depth,
> here:
>
> http://www.circleid.com/posts/20130913_on_the_time_value_of_security_features_in_dns/
>
> blocking ANY remains as silly now as it ever was, and will be every
> september to come.
Yeah I also had a groundhog day experience over the last couple of days,
and while I agree with you on some points I still disagree with on that
ANY blocking has no value. If that if is your only defence than it sure
is silly, but if it is used as one tool in a toolbox that has other
tools like rate limiting or domain based blocking it is a valuable tool.
So long
-Ralf
More information about the dns-operations
mailing list