[Unbound-users] Unbound as public DNSSEC resolver

Paul Wouters paul at xelerance.com
Wed Oct 13 18:20:56 UTC 2010

On Wed, 13 Oct 2010, Carsten Strotmann wrote:

> If "public" meant a DNS Resolver that can be used by anyone, without
> restrictions to local clients/networks/ip addresses, than yes, it is a
> bad thing and not recommended

I disagree it is a bad thing. I run open resolvers on purpose as a service.
Just because some abuse happens does not make it evil.

If you say "unmaintained publiv DNS servers are bad" then I'll agree.

Apart from that, I think the botnets have reached sizes where DNS amplification
is really not that much of tool anymore to DOS a network link.


More information about the Unbound-users mailing list