Home page logo

bugtraq logo Bugtraq mailing list archives

RE: recursive DNS servers DDoS as a growing DDoS problem
From: gboyce <gboyce () badbelly com>
Date: Fri, 31 Mar 2006 12:38:36 -0500 (EST)

On Thu, 30 Mar 2006, Geo. wrote:

It's a security issue. He who controls the dns server controls you, yes?

Ok we are talking about locking down DNS like we locked down smtp relay. So
if you want to send a mail today can you just use any smtp server you want
or are you severly limited, possibly by a port 25 block which forces you to
use just your ISP's mail smtp server?

Don't you think creating a control point like that is dangerous? Especially
dangerous when it's DNS which runs virtually every function on the internet?

It's not a conspiracy theory, it's fact, if you create a control like that
someone is going to want to control it. I suggest only that we consider this
along with everything else.

I haven't heard anyone talk about requiring that users use their ISP's DNS server. Just that they should not be able to use any random DNS server on the internet.

What is stopping you from running your own local DNS server? My system at home runs named in a configuration that allows any systems on my local network to query from it. That's what I use as my authoritative nameserver.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]