Y
Hacker News
new
|
ask
|
show
|
jobs
by
Animats
3534 days ago
That's part of the problem. DNS servers should probably reject queries that require long answers when they come in over UDP. If you want a zone transfer, use TCP. That prevents amplification attacks.