[PLUG] clinic from dec. 15 named.conf question

Russell Senior russell at personaltelco.net
Fri Dec 20 01:10:54 UTC 2019


> If there is any chance to reach your recursive/forwarding server from the
> nets -
> make sure to setup authentication, so that you do not end up participating
> in
> DNS amplification attacks.
>

LOL, I've done that (some years ago). You don't want to do that! Not least
because even after you have fixed it, the attacker doesn't know you fixed
it (they forged the source address, so they never actually see a reply) and
they'll keep hammering you for some time. Fun times.

-- 
Russell Senior
russell at personaltelco.net



More information about the PLUG mailing list