[89458] in North American Network Operators' Group
Re: DNS Amplification Attacks
daemon@ATHENA.MIT.EDU (Gadi Evron)
Mon Mar 20 16:33:13 2006
Date: Mon, 20 Mar 2006 23:30:46 +0200
From: Gadi Evron <ge@linuxbox.org>
To: "Geo." <geoincidents@nls.net>
Cc: nanog@merit.edu
In-Reply-To: <EKECJMGPAACGOMIGLJJDIEKGGOAA.geoincidents@nls.net>
Errors-To: owner-nanog@merit.edu
Geo. wrote:
>>Recursion the way it is set now with most DNS implementations, is the
>>problem being exploited by spoofing. It is true spoofing is bad for our
>>health, but that does not mean we should ignore what actually gets
>>exploited, which is recursive name servers open to the world.
>>
>>Fixing the one does not mean we shouldn't fix the other.
>
>
> But fixing recursion also fixes the internet (fixes as in how you fix a dog)
> in that he who controls the DNS controls the net. Fixing DNS is going to
> hand over strict control to governments because now they can prevent you
> from resolving anything they don't want you to resolve.
Where did that come from? I respect you but please, let's have a
technical discussion. This is important enough for us all to avoid the
flame-wars for now. Don't move this thread to politics or lunacies.
