Once upon a time, Eric Kuhnke <eric.kuhnke@gmail.com> said:
Considering that one can run an instance of an anycasted recursive nameserver, under heavy load for a very large number of clients, on a $600 1U server these days... I wonder what exactly the threat model is.
A customer forwarded one of these notices to us - looked like it's about recursive DNS cache poisoning. It's been a while since I looked closely, but I thought modern recursive DNS software was pretty resistant to that, and anyway, the real answer to that is DNSSEC. I could be wrong, but getting a scary-sounding OMG SECURITY ALERT email from some group I've never heard of (and haven't AFAIK engaged the community about their "new" attack, scans, or notices)... seems more like shameless self promotion. -- Chris Adams <cma@cmadams.net>