2012 OARC Name Server Selection of DNS Caching Resolvers

Daisuke HIGASHI daisuke.higashi at gmail.com
Fri Sep 25 15:13:39 UTC 2015

Hi Richard,

AFAIK there were no big changes in Unbound's NS selection algorithm for

In Aug 2013 researchers pointed out the flaw in _BIND9's_ nameserver
selection algorithm that attackers could subvert randomization of NS
selection [1].
ISC stated that it is not considered a security vulnerability but they also
stated that
the algorithm will be improved [2]. I don't know further status of BIND9's

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20150926/22233838/attachment.htm>

More information about the Unbound-users mailing list