> On Dec 10, 2014, at 20:27, Dnsbed (Jeff) <supp...@dnsbed.com> wrote: > <compose-unknown-contact.jpg> Stephane Bortzmeyer 2014年12月10日下午8:55 >> On Tue, Dec 02, 2014 at 02:01:48PM +0800, >> Ken Peng <yhp...@orange.fr> wrote >> >> By the way, they published a good technical report: >> >> http://blog.dnsimple.com/2014/12/incident-report-ddos/ >> _______________________________________________ >> dns-operations mailing list >> dns-operations@lists.dns-oarc.net >> https://lists.dns-oarc.net/mailman/listinfo/dns-operations >> dns-jobs mailing list >> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs > > UDB is hard to be defensed, as the spooled IPs are hard to setup the correct > firewall rules. > Can we guess the next generation of DNS will service primarily using TCP? >
I hope not. Poor UDP firewall rules is a terrible reason.
_______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
