maybe a dumb idea on how to fix the dns problems i don't know....

• Previous message (by thread): maybe a dumb idea on how to fix the dns problems i don't know....
• Next message (by thread): maybe a dumb idea on how to fix the dns problems i don't know....
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 9 Aug 2008, at 18:10, Matt F wrote:

> Why not just require TCP for a lookup if a response with an  
> incorrect TXID is received?  You could require TCP for just the one  
> lookup or for some configured interval, say 1 hour.  That should  
> slow attackers down substantially.

That sounds like a good way for a remote attacker to make a resolver  
disable UDP transport for a server, more or less at will. I'm not sure  
I like the sound of that.


Joe

• Previous message (by thread): maybe a dumb idea on how to fix the dns problems i don't know....
• Next message (by thread): maybe a dumb idea on how to fix the dns problems i don't know....
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]