[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Open Resolver Problems
- Subject: Open Resolver Problems
- From: patrick at ianai.net (Patrick W. Gilmore)
- Date: Tue, 26 Mar 2013 10:43:11 -0400
- In-reply-to: <[email protected]>
- References: <[email protected]>
On Mar 26, 2013, at 10:38 , Jay Ashworth <jra at baylink.com> wrote:
>> From: "Jared Mauch" <jared at puck.nether.net>
>
>> b) locking down your recursive servers to networks you control
>
> Sure. But OpenDNS, Google, and the other providers of recursive servers
> for edge cases can't do that anymore?
I wish people would stop bring that up.
I guarantee I see at least as many reflection attack as anyone out there. I have not _once_ called/emailed Open, Google, Dyn, Ultra, or any other professional DNS provider asking them to stop amplifying attacks to us.
If you can run a server as competently as they can, then no one will complain.
For the other 99.99999999% of you, LOCK THAT SHIT DOWN.
--
TTFN,
patrick