On Mon, 28 Jul 2008, Colin Alston wrote: > > In fact, why *don't* implementations discard authoritative responses > from non-authoritative hosts? Or do we? Or am I horribly wrong?
The response is spoofed so that it appears to come from the correct host. > There's an argument that IP spoofing can easily derail this, but I'd shift > that argument higher up the OSI, blame TCP, and move on to recommending SYN > cookies. DNS uses UDP. Tony. -- f.anthony.n.finch <[EMAIL PROTECTED]> http://dotat.at/ THAMES DOVER WIGHT: SOUTH OR SOUTHWEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SLIGHT OR MODERATE, OCCASIONALLY ROUGH IN WIGHT AT FIRST. THUNDERY SHOWERS. MODERATE OR GOOD.
