[dns-operations] How Stack Overflow plans to survive the next DNS attack
Klaus Darilion
klaus.mailinglists at pernau.at
Wed Jan 18 22:58:29 UTC 2017
still no guarantee that the slave will transfer the zone :)
lg
On 12.01.2017 13:05, Jared Mauch wrote:
> There is likely nothing stopping notify over TCP. People could use that :-)
>
> Jared Mauch
>
>> On Jan 11, 2017, at 3:37 PM, Paul Vixie <vixie at tisf.net> wrote:
>>
>> NOTIFY was defined that way because folks wanted it to be able to work over UDP, and we knew that UDP source addresses could be spoofed. thus it's very lightweight and there is no value at all to an attacker who spoofs a NOTIFY.
>
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-operations mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>
More information about the dns-operations
mailing list