[AusNOG] "stateless TCP" for DNS
Dobbins, Roland
rdobbins at arbor.net
Mon Nov 15 12:51:12 EST 2010
On Nov 14, 2010, at 11:12 PM, Terry Manderson wrote:
> The next thought I have, is along the lines of the good old SYN flood attack.. or other security facets... :-)
There are well-known, widely-understood techniques for detecting/classifying/tracing back/mitigating these, however; they're a threat to DNS today, so that wouldn't change.
What *would* change, hopefully, is getting rid of the attack vectors DNSSEC a) is subject to and b) enables.
;>
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Sell your computer and buy a guitar.
More information about the AusNOG
mailing list