Open Resolver Problems

• Previous message (by thread): Open Resolver Problems
• Next message (by thread): Open Resolver Problems
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

----- Original Message -----
> From: "Roland Dobbins" <rdobbins at arbor.net>

> On Apr 1, 2013, at 11:18 PM, Patrick W. Gilmore wrote:
> > Of course, since users shouldn't be using off-net name servers
> > anyway, this isn't really a problem! :)
> 
> ;>
> 
> It's easy enough to construct ACLs to restrict the broadband consumer
> access networks from doing so. Additional egress filtering would catch
> any reflected attacks, per your previous comments.

So, how would Patrick's caveat affect me, whose recursive resolver *is 
on my Linux laptop*?  Would not that recursor be making queries he 
advocates blocking?

Or don't I remember DNS well enough?

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra at baylink.com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover DII
St Petersburg FL USA               #natog                      +1 727 647 1274

• Previous message (by thread): Open Resolver Problems
• Next message (by thread): Open Resolver Problems
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]