|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
From: "Patrick W. Gilmore" <patrick@ianai.net> In-Reply-To: <9317550.10944.1364308718442.JavaMail.root@benjamin.baylink.com> Date: Tue, 26 Mar 2013 10:43:11 -0400 To: NANOG list <nanog@nanog.org> Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org On Mar 26, 2013, at 10:38 , Jay Ashworth <jra@baylink.com> wrote: >> From: "Jared Mauch" <jared@puck.nether.net> >=20 >> b) locking down your recursive servers to networks you control >=20 > Sure. But OpenDNS, Google, and the other providers of recursive = servers > for edge cases can't do that anymore? I wish people would stop bring that up. I guarantee I see at least as many reflection attack as anyone out = there. I have not _once_ called/emailed Open, Google, Dyn, Ultra, or any = other professional DNS provider asking them to stop amplifying attacks = to us. If you can run a server as competently as they can, then no one will = complain. For the other 99.99999999% of you, LOCK THAT SHIT DOWN. --=20 TTFN, patrick
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |