recursion
Alan Clegg
aclegg at isc.org
Wed Mar 10 19:38:50 UTC 2010
Lightner, Jeff wrote:
> Modern being?
Actually....
In the 9.4 CHANGES file I find:
--- 9.4.0a4 released ---
[...]
2006. [security] Allow-query-cache and allow-recursion now default
to the builtin acls "localnets" and "localhost".
This is being done to make caching servers less
attractive as reflective amplifying targets for
spoofed traffic. This still leave authoritative
servers exposed.
The best fix is for full BCP 38 deployment to
remove spoofed traffic.
So, "modern" (in this case) is any currently supported version of BIND.
9.4, 9.5, 9.6, 9.7
AlanC
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100310/a2e88f63/attachment.bin>
More information about the bind-users
mailing list