Barry Margolin <[EMAIL PROTECTED]> writes:

>> > Are there any configuration changes that can be made to BIND to force
>> > it to use TCP exclusively and never use UDP? Possible?
>>
>> I guess not, why?
>
> I'm guessing he's considering this as a better solution to the Kaminsky
> attack.

no one who has read RFC 1035 4.2.2 will think TCP/53 is a solution to anything other than zone transfer or truncation, and anyone who does read it will have to realize that TCP/53 only works because there's no current benefit to be had in holding TCP/53's head underwater.

--
Paul Vixie