Re: ISC BIND Amplification Attack

To: "Brian A. Seklecki" <lavalamp%spiritual-machines.org@localhost>
Subject: Re: ISC BIND Amplification Attack
From: Geert Hendrickx <ghen%telenet.be@localhost>
Date: Wed, 28 Jan 2009 19:40:58 +0100

On Wed, Jan 28, 2009 at 01:10:50PM -0500, Brian A. Seklecki wrote:
> 
> 
> > In what way does BIND 9.5.x solve this issue?
> >
> 
> Several new (default) options allow you to deny queries from the cache for
> non-authoritative domains.
> 
> 
> 'additional-from-cache' and 'allow-query-cache' from what I'm told.
> 
> ~BAS


I thought additional-from-cache was available in (at least) BIND 9.3, and
allow-query-cache in BIND 9.4.  Not sure about the defaults though.

        Geert

References:
- ISC BIND Amplification Attack
  - From: Brian A. Seklecki
- Re: ISC BIND Amplification Attack
  - From: Geert Hendrickx
- Re: ISC BIND Amplification Attack
  - From: Brian A. Seklecki

Prev by Date: Re: ISC BIND Amplification Attack
Next by Date: VPN client for Windows for NetBSD VPN gateway
Previous by Thread: Re: ISC BIND Amplification Attack
Next by Thread: VPN client for Windows for NetBSD VPN gateway
Indexes:

Home | Main Index | Thread Index | Old Index