[Sysadmins] Eircom DNS

Declan Kelly stdlib at groov.ie
Fri Jul 10 16:55:15 IST 2009


On Fri, Jul 10, 2009 at 09:32:31AM +0100, paul at jakma.org wrote:
> 
> >Having every end-user home and office computer running their own 
> >DNS resolver is not going to make it less likely that someone can 
> >do bad things - attacks on authoritative nameservers are more 
> >effective than going after the resolvers of any large consumer ISP, 
> >for example.
> 
> I've not heard of easy DNS-protocol attacks against authorative 
> servers.

I didn't say it had to be an easy DNS-protocol attack, or even an easy
attack for that matter.
 
> I.e. ISP-scale caching nameservers are just a really bad idea in this 
> day and age.

IPv4 and unauthenticated SMTP submission are also really bad ideas in
this day and age, but they aren't going to go away any time soon.

-- 
-Dec.				Consultant Sysadmin, Dublin.
---
"I am very new to programming drivers so if I sound un-knowledgeable
 then it's because I am." - Ceri Coburn, First4Internet, 2003-03-28



More information about the Sysadmins mailing list