[98490] in North American Network Operators' Group
Re: large organization nameservers sending icmp packets to dns servers.
daemon@ATHENA.MIT.EDU (Mark Andrews)
Thu Aug 9 21:44:22 2007
Date: Fri, 10 Aug 2007 11:43:23 +1000 (EST)
From: Mark Andrews <Mark_Andrews@isc.org>
To: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
I suspect that the origin of the myth that DNS/TCP is more
dangerous than DNS/UDP is that the first root expliot of
named was over TCP not UDP. There were later exploits that
were UDP only which totally busted the myth but it continues
to live.
Mark
