26 Mar
2013
26 Mar
'13
10:43 a.m.
On Mar 26, 2013, at 10:38 , Jay Ashworth <jra@baylink.com> wrote:
From: "Jared Mauch" <jared@puck.nether.net>
b) locking down your recursive servers to networks you control
Sure. But OpenDNS, Google, and the other providers of recursive servers for edge cases can't do that anymore?
I wish people would stop bring that up. I guarantee I see at least as many reflection attack as anyone out there. I have not _once_ called/emailed Open, Google, Dyn, Ultra, or any other professional DNS provider asking them to stop amplifying attacks to us. If you can run a server as competently as they can, then no one will complain. For the other 99.99999999% of you, LOCK THAT SHIT DOWN. -- TTFN, patrick