On Sat, 26 Jul 2008, Skeeve Stevens wrote:

> I understand the issue of the current security breach and the poisoning
> attack against certain implementations of the DNS daemon, but assuming you
> are running the latest safest version, is there anything actually wrong with
> running an open DNS server?



Sure, the newer cache poisoning attack that will be discovered maybe
tomorrow, you can only protect with thats protected today, not whats found
tomorrow, by time its fixed, tough, the damage has been done and some your
customers have been screwed over because you run poor security on your
network, it's reckless to operate an open query server, you don't allow
other networks to route egeneral/p2p traffic to your competitors via your
network do you.
do you.


--
Cheers
Res
--- Usenet policy, and why I might ignore you ---
1/ GoogleGroups are UDP'd on my nntp server. If you use them, don't
waste your time or energy replying to me.

2/ If only cleanfeed filtered out trolls as well as spam, usenet would be
a nicer place.