Home page logo
/

nanog logo nanog mailing list archives

Re: DNS deluge for x.p.ctrc.cc
From: Jon Lewis <jlewis () lewis org>
Date: Sat, 25 Feb 2006 16:42:07 -0500 (EST)


On Fri, 24 Feb 2006, Chris Adams wrote:

One thing to note: we've discovered that on some common DSL routers, the
internal DNS caching server is on by default and answers requests on the
outside IP address.  IIRC some even do it when configured for NAT.

So, even when you disable outside recursion, things you may not think of
on the inside of your network may still allow outside DNS recursion.

Efficient Networks DSL routers suffer from this problem if DNS servers are defined in the DHCP server config on the router. It's more of a DNS proxy though. It doesn't do any caching.

----------------------------------------------------------------------
 Jon Lewis                   |  I route
 Senior Network Engineer     |  therefore you are
 Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault