I thought I'd share this to anyone that wants to just force all TYPE=ANY queries over TCP to prevent those from coming from spoofed locations.
This is a crude but effective hack. It doesn't stop the system from recursing to find the response. http://puck.nether.net/~jared/bind-9.9.3rc2-tcp-any.patch - Jared _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
