Discuss mailing list

[Christopher <weblionx AT gmail.com>]

Has anyone ever tried using TCP only for a DNS server? I don't know
how well clients would handle that, and I know it has some extra
latency, but if it eliminates the ability to use it for a DDoS it
seems like it might be something worth trying.

I'm assuming that regular TCP-DNS uses one connection per query. Would
it be possible to set it up so it kept the connection up for many
queries, or would that require using a tunnel or rewriting software?

- C

On Fri, May 24, 2013 at 6:40 AM, Psilo <dns AT psilo.org> wrote:
> Thank you Jeff for binging the conversation back to the topic.
>
> Eric: I am simply using the rules mentioned in the wiki pointed by Jeff.
>
> The IRC conversation with the guy that understands nothing to DNS
> amplification attacks is just useless.
>
> Psilo
>
>
> Le vendredi 24 mai 2013, Jeff Taylor a écrit :
>
>> We have a collection of rules posted here:
>> http://wiki.opennicproject.org/Tier2Security
>>
>>
>> On 05/23/2013 09:43 AM, Éric Boucher wrote:
>>
>> This is great changes... May i ask for your rules so i can add it to mine
>> ?
>>
>> Thanks,
>> Éric
>>
>>
>