Open Resolver Problems

Niels Bakker niels=nanog at bakker.net
Mon Apr 1 20:19:31 UTC 2013


>On Apr 01, 2013, at 11:55 , "Milt Aitken" <milt at net2atlanta.com> wrote:
>>Most of our DSL customers have modem/routers that resolve DNS 
>>externally.
>>And most of those have no configuration option to stop it.
>>So, we took the unfortunate step of ACL blocking DNS requests to & from 
>>the DSL network unless the requests are to our DNS servers.
>>
>>Suboptimal, but it stopped the DNS amplification attacks.

Wow.  Glad I'm not a customer of yours.


* patrick at ianai.net (Patrick W. Gilmore) [Mon 01 Apr 2013, 18:04 CEST]:
>I was going to suggest exactly this.
>
>Don't most broadband networks have a line in their AUP about running 
>servers?

Huh?  No.  Thankfully.  Not all of us are mindless consumers.


	-- Niels.



