Recursion question
Barry Margolin
barmar at alum.mit.edu
Sat Oct 7 00:59:24 UTC 2006
In article <eg6ik9$hv5$1 at sf1.isc.org>, Fr34k <freaknetboy at yahoo.com>
wrote:
> Is this critical? Depends on your environment, risk, etc.
The reason dnsreport.com reports it as a serious error is because open
recursive servers have been used to perpetrate DoS attacks against other
nameservers, using a technique called "DNS Amplification".
So unless you need to allow recursion to the public (e.g. you're an
organization like OpenDNS), you're doing a public service by disabling
it.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list