On Jan 18, 2012, at 2:45 AM, Leigh Porter wrote: > The firewall is significant because the attacks killed the firewall as it is > rather under specified (not my idea..).
DNS servers (nor any other kind of server, for that matter) should never be placed behind stateful firewalls - the largest firewall one can build or buy will choke under even moderate DDoS attacks due to state-table exhaustion: <https://files.me.com/roland.dobbins/679xji> ----------------------------------------------------------------------- Roland Dobbins <rdobb...@arbor.net> // <http://www.arbornetworks.com> The basis of optimism is sheer terror. -- Oscar Wilde
