Hacker News
by LK5ZJwMwgBbHuVI 983 days ago
We could have prevented the replay/amplification DoS attacks that use DNS by making DNS use TCP.

In practice though the only way to "fix" DNS that would've worked in the 80s would've probably been to require the request be padded to larger than the response...
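A sketch of the padding rule from the post above, as an added example that is not part of the original post or of any real DNS server. It assumes the padding travels in the EDNS(0) Padding option (RFC 7830, option code 12) and that an oversized answer is replaced by a truncated (TC) reply; the function names and the 300-byte stand-in response are constructed for illustration.

```python
import struct

QR_FLAG, TC_FLAG = 0x8000, 0x0200   # "response" and "truncated" bits in the DNS flags word
OPT_TYPE, PADDING_OPTION = 41, 12   # EDNS(0) OPT record type, RFC 7830 Padding option code

def build_query(name, pad_to=0, txid=0x1234):
    """Build an A query; if pad_to > 0, append an OPT record padded up to pad_to bytes."""
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    question = qname + struct.pack("!HH", 1, 1)          # QTYPE=A, QCLASS=IN
    opt = b""
    if pad_to:
        # OPT fixed part is 11 bytes, the option header 4 more; the rest is zero padding.
        padlen = max(0, pad_to - 12 - len(question) - 15)
        opt = (b"\x00" + struct.pack("!HHIH", OPT_TYPE, 4096, 0, 4 + padlen)
               + struct.pack("!HH", PADDING_OPTION, padlen) + b"\x00" * padlen)
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 1 if opt else 0)
    return header + question + opt

def question_end(msg):
    """Offset just past the first question (queries carry no name compression)."""
    i = 12
    while msg[i] != 0:
        i += 1 + msg[i]
    return i + 1 + 4

def enforce_no_amplification(request, full_response):
    """Hypothetical server policy: never send more UDP bytes than were received."""
    if len(full_response) <= len(request):
        return full_response
    # Too big for this request: echo header + question with TC set, so the
    # client has to retry with a larger (padded) query or over TCP.
    txid, flags = struct.unpack("!HH", request[:4])
    header = struct.pack("!HHHHHH", txid, flags | QR_FLAG | TC_FLAG, 1, 0, 0, 0)
    return header + request[12:question_end(request)]

def amplification(request, sent):
    """Bytes sent to the (possibly spoofed) source per byte received."""
    return len(sent) / len(request)

if __name__ == "__main__":
    full_response = bytes(300)      # constructed stand-in for a 300-byte answer
    for label, req in (("unpadded", build_query("example.com")),
                       ("padded", build_query("example.com", pad_to=512))):
        sent = enforce_no_amplification(req, full_response)
        print(f"{label}: request={len(req)}B sent={len(sent)}B "
              f"factor={amplification(req, sent):.2f}")
```

Under this policy a spoofed source never receives more bytes than the sender spent, so the reflection factor is capped at 1.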


But TCP is way more complex
... yeah? I know? "In practice though the only way to "fix" DNS that would've worked in the 80s would've probably been to require the request be padded to larger than the response..."

It's not as complex as some "mutual authentication" scheme though lmao