Re: increasing DNS message entropy, a solution for NATs
> Alex Bligh wrote:
>>> Because various NAT/PAT gateways put all the possible and impossible
>>> modificaitons on certain, including DNS, packets that there is virtually
>>> no directness expected.[/color]
>> I am guessing this is a very common SoHo configuration though.[/color]
> Has anyone stopped to ask how much effort/emphasis should really be
> spent trying to protect end users?
> People perpetrating attacks on the internet still pay attention to the
> principals of economics, that is getting the most benefit from the least
> amount of work.
> For what it's worth, I think the real focus here should be ISP
> resolvers, not home users. Not to mention this should be a simpler
> problem to solve for a number of reasons.
> It seems to me that there is an excessive amount of attention being paid
> to protect what is potentially 1 machine in most cases.[/color]
This problem does not only affect home users.
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
to unsubscribe send a message to [email]firstname.lastname@example.org[/email] with
the word 'unsubscribe' in a single line as the message text body.