Zitat von [email protected]:
Zitat von [email protected]:
Ups, sorry. I forgot to disable S/MIME for the list-mail.
But the question remains:
What is "best practice" to limit the resources used and to be a
good citizen when using unbound as public DNSSEC aware resolver, or
is it no recommended at all?
Still no answer for this one so i guess it is not recommended at all...
Okay, so it boils down to the danger of being used as amplification in
a DoS with spoofed UDP source IP addresses. I will see what can be
done with ipt_recent and low resource settings to avoid DoS
amplification as much as possible.
Thanks
Andreas
_______________________________________________
Unbound-users mailing list
[email protected]
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
