Jonathan Yarden @ TechRepublic: Disable DNS caching on workstations
Mikael Abrahamsson
swmike at swm.pp.se
Mon Apr 18 19:16:10 UTC 2005
On Mon, 18 Apr 2005, Jason Frisvold wrote:
> Is it possible to "prevent" poisoning attacks? Is it beneficial, or
> even possible, to prevent TTL's from being an excessively high value?
It would be very interesting in seeing the difference in DNS traffic for a
domain if it sets TTL to let's say 600 seconds or 86400 seconds. This
could perhaps be used as a metric in trying to figure out the impact of
capping the TTL? Anyone know if anyone did this on a large domain and have
some data to share?
If one had to repeate the cache poisoning every 10 minutes I guess life
would be much harder than if you had to do it once every day?
--
Mikael Abrahamsson email: swmike at swm.pp.se
More information about the NANOG
mailing list