* Ben Croswell: > Cyber folks asked if there was any way for the DNS servers to "protect" the > vulnerable clients. > The only thing i could see from the explanation was disabling or limiting > edns0 sizes. That is obviously not a long term option.
EDNS0 buffer sizes do not apply to TCP responses, so this is not an effective mitigation, I'm afraid. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
