Date: Wed, 22 Jan 2003 14:58:13 -0800 From: Michael Sierchio <kudzu@tenebras.com> To: Mike Hoskins <mike@adept.org> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Limiting icmp unreach response from 231 to 200 packets per second Message-ID: <3E2F2205.3060306@tenebras.com> In-Reply-To: <20030122112600.G12348-100000@fubar.adept.org> References: <20030122112600.G12348-100000@fubar.adept.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Mike Hoskins wrote: > On Tue, 21 Jan 2003, Ronan Lucio wrote: > > >I think a good solution is install a DJB DNS Cache and leave it > >just to answer DNS queries. > > > If you can stand DJB's rhetoric. Sure, he seems like a smart enough > guy... If he wasn't such an a$$. I guess that's a problem with a lot of > "smart" people though. Yes, he's cranky and exigent. But BIND and Sendmail have a long history of security vulnerabilities, and of being generally porcine. Dan's long-standing cash reward offer for discovery of vulnerabilities in his software has never been claimed. djbdns works brilliantly, correctly separates caching server which performs recursive queries from the domain server which responds only to queries for which it is authoritative. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E2F2205.3060306>