[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Open Resolver Problems

On Tue, Mar 26, 2013 at 7:04 PM, Matthew Petach <mpetach at netflight.com>wrote:

> On Tue, Mar 26, 2013 at 6:06 PM, John Levine <johnl at iecc.com> wrote:
> >>As a white-hat attempting to find problems to address through legitimate
> means, how
> >>do you ?
> >
> > You make friends with people with busy authoritative servers and see
> > who's querying them.
> I'm confused.  Don't most authoritative servers have to
> answer to just about anyone in order to be useful?
> Matt

Authoritative DNS servers need to implement rate limiting. (a client
shouldn't query you twice for the same thing within its TTL).