29 Jul
2008
29 Jul
'08
1:56 p.m.
Tony Finch wrote:
On Mon, 28 Jul 2008, Colin Alston wrote:
In fact, why *don't* implementations discard authoritative responses from non-authoritative hosts? Or do we? Or am I horribly wrong?
The response is spoofed so that it appears to come from the correct host.
There's an argument that IP spoofing can easily derail this, but I'd shift that argument higher up the OSI, blame TCP, and move on to recommending SYN cookies.
DNS uses UDP.
Ahh yes of course.. Why does it use UDP? :P