[79937] in North American Network Operators' Group


Re: Jonathan Yarden @ TechRepublic: Disable DNS caching on workstations

daemon@ATHENA.MIT.EDU (Mikael Abrahamsson)
Mon Apr 18 15:19:40 2005

Date: Mon, 18 Apr 2005 21:16:10 +0200 (CEST)
From: Mikael Abrahamsson <swmike@swm.pp.se>
To: nanog@merit.edu
In-Reply-To: <924f292805041812052803616c@mail.gmail.com>
Errors-To: owner-nanog@merit.edu


On Mon, 18 Apr 2005, Jason Frisvold wrote:

> Is it possible to "prevent" poisoning attacks?  Is it beneficial, or 
> even possible, to prevent TTL's from being an excessively high value?

It would be very interesting to see the difference in DNS traffic for a 
domain if it sets TTL to let's say 600 seconds or 86400 seconds. This 
could perhaps be used as a metric in trying to figure out the impact of 
capping the TTL? Anyone know if anyone did this on a large domain and has 
some data to share?

If one had to repeat the cache poisoning every 10 minutes I guess life 
would be much harder than if you had to do it once every day?

-- 
Mikael Abrahamsson    email: swmike@swm.pp.se
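
The trade-off raised in the message above, as an added example that is not part of the original post: a toy model of one caching resolver and one name, comparing upstream query volume and the longest time a forged answer can stay cached, with and without a 600-second TTL cap. The query rate, the 7-day forged TTL and all function names are assumptions constructed for illustration, not measured data.

```python
import random

DAY = 86400  # seconds

def effective_ttl(record_ttl, cap=None):
    """TTL the cache honours once an optional resolver-side cap is applied."""
    return record_ttl if cap is None else min(record_ttl, cap)

def upstream_queries(arrivals, record_ttl, cap=None):
    """Count cache misses, i.e. queries forwarded to the authoritative server."""
    ttl = effective_ttl(record_ttl, cap)
    expires, misses = float("-inf"), 0
    for t in arrivals:
        if t >= expires:  # entry absent or expired: refetch and re-cache
            misses += 1
            expires = t + ttl
    return misses

def poisson_arrivals(rate_per_s, duration_s, seed=2005):
    """Constructed client query times (Poisson process, fixed seed)."""
    rng, t, out = random.Random(seed), 0.0, []
    while True:
        t += rng.expovariate(rate_per_s)
        if t >= duration_s:
            return out
        out.append(t)

def compare(rate_per_s=0.05, zone_ttl=DAY, forged_ttl=7 * DAY, caps=(None, 600)):
    """One day of traffic for one name at one resolver, per cap setting."""
    arrivals = poisson_arrivals(rate_per_s, DAY)
    return [{
        "cap": cap,
        "client_queries": len(arrivals),
        "upstream_queries": upstream_queries(arrivals, zone_ttl, cap),
        # Longest a single forged answer can sit in the cache before expiring.
        "forged_answer_lifetime_s": effective_ttl(forged_ttl, cap),
    } for cap in caps]

if __name__ == "__main__":
    for row in compare():
        print(row)
```

In this model the cap bounds upstream load at one refetch per 600 seconds per name per resolver, while cutting the cache lifetime of a forged record from whatever TTL it carried down to the cap.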
