nanog mailing list archives

Re: Open Resolver Problems


From: Jay Ashworth <jra () baylink com>
Date: Mon, 1 Apr 2013 14:19:16 -0400 (EDT)

----- Original Message -----
> From: "Roland Dobbins" <rdobbins () arbor net>

> On Apr 1, 2013, at 11:18 PM, Patrick W. Gilmore wrote:
>> Of course, since users shouldn't be using off-net name servers
>> anyway, this isn't really a problem! :)
>
> ;>
>
> It's easy enough to construct ACLs to restrict the broadband consumer
> access networks from doing so. Additional egress filtering would catch
> any reflected attacks, per your previous comments.

So, how would Patrick's caveat affect me, whose recursive resolver *is 
on my Linux laptop*?  Would not that recursor be making queries he 
advocates blocking?

Or don't I remember DNS well enough?

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra () baylink com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover DII
St Petersburg FL USA               #natog                      +1 727 647 1274

