CVE-2022-2795

2022-10-18 Thread Greg Rabil
Hi bind-users, This vulnerability was recently fixed in BIND 9.16.33: CVE-2022-2795: Processing large delegations may severely degrade resolver performance Question: Would a server that is configured to forward all queries be impacted by this issue? Thanks, Greg

Re: secure/tls access for statistics-channels ?

2022-10-18 Thread PGNet Dev
can stats channel be config'd for (only) secure access? does it use the 'tls' config, or other? Not at the moment. ok Please note the statistics channel must not be exposed to any unauthorized access, so the most safe way is to expose it only on localhost anyway - and then TLS is just over

Re: Question About Internal Recursive Resolvers

2022-10-18 Thread Bob McDonald
Let's not overthink this. I fear that I've activated a lot of creative circuitry in individuals and provided flimsy details around my example. There are no outside clients. In this example, I'm only discussing inside clients on inside DNS. The recursive resolvers that ALL inside clients connect to

Re: Question About Internal Recursive Resolvers

2022-10-18 Thread Petr Špaček
On 14. 10. 22 18:08, Bob McDonald wrote: I'm thinking about redesigning an internal DNS environment. To begin with, all internal DNS zones would reside on non-recursive servers only. That said, all clients would connect to recursive resolvers. The question is this; do I use an internal root with

Re: secure/tls access for statistics-channels ?

2022-10-18 Thread Petr Špaček
On 14. 10. 22 17:59, PGNet Dev wrote: can stats channel be config'd for (only) secure access? does it use the 'tls' config, or other? Not at the moment. Please note the statistics channel must not be exposed to any unauthorized access, so the most safe way is to expose it only on localhost a