On Thu, 11 Oct 2007, pdp (architect) wrote:
Thor, with no disrespect but you are wrong. Security in depth does not
work and I am not planning to support my argument in any way. This is
just my personal humble opinion. I've seen only failure of the
principles you mentioned. Security in depth
On Sun, 26 Mar 2006, Geo. wrote:
Spoofing is indeed the attack vector and it can also be utilized for
NTP, ICMP, etc. It is to blame.
Still, DNS is what's being exploited and in my opinion a broken feature
being exploited needs fixing, or it will be exploited.
What feature of DNS is being
On Wed, 8 Mar 2006, Security Lists wrote:
Sorry, I don't see this as amplification in your example, because YOUR dns
servers are 100% of the traffic. 1:1 ratio.
Once the first request to the nameservers is made, the object should be
cached by the nameservers. Instead of one packet to each
