[Unbound-users] allowing cache queries but not doing recursion for "foreign" networks
Greg A. Woods; Planix, Inc.
woods at planix.ca
Sun Feb 15 18:02:28 UTC 2009
On 15-Feb-2009, at 3:43 AM, Robert Edmonds wrote:
> Aaron Hopkins wrote:
>> Cache snooping lets anyone see who you've been talking to, when you
>> looked
>> it up, and when the cache will expire.
>
> cache snooping can also facilitate amplification attacks, see RFC
> 5358.
No, not without recursion enabled it can't.
--
Greg A. Woods; Planix, Inc.
<woods at planix.ca>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20090215/5657348c/attachment.bin>
More information about the Unbound-users
mailing list