http://cr.yp.to/djbdns/run-cache.html http://www.ro.kde.org/djbdns/mywork/jumbo/index.html
I never understood the mix of authoritive server and resolver ... Use dnscache as resolver and you you're (AFAIK) save. Regards Hagen Volpers > -----Urspr|ngliche Nachricht----- > Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Im Auftrag von Ted Unangst > Gesendet: Mittwoch, 9. Juli 2008 20:10 > An: Steve Tornio > Cc: misc > Betreff: Re: Actual BIND error - Patching OpenBSD 4.3 named ? > > On 7/9/08, Steve Tornio <[EMAIL PROTECTED]> wrote: > > > > I don't think this actually accomplishes much. It still > lets poisoned > > > replies back in on the previous port number. > > > > > > > > > > But does it allow a poisoned reply from the spoofed address? > > oh, right. I think I forgot even UDP packets have IP addresses. :(
