DNS Amplification Attacks

Gadi Evron ge at linuxbox.org
Mon Mar 20 21:30:46 UTC 2006

Geo. wrote:
>>Recursion the way it is set now with most DNS implementations, is the
>>problem being exploited by spoofing. It is true spoofing is bad for our
>>health, but that does not mean we should ignore what actually gets
>>exploited, which is recursive name servers open to the world.
>>Fixing the one does not mean we shouldn't fix the other.
> But fixing recursion also fixes the internet (fixes as in how you fix a dog)
> in that he who controls the DNS controls the net. Fixing DNS is going to
> hand over strict control to governments because now they can prevent you
> from resolving anything they don't want you to resolve.

Where did that come from? I respect you but please, let's have a 
technical discussion. This is important enough for us all to avoid the 
flame-wars for now. Don't move this thread to politics or lunacies.

More information about the NANOG mailing list