James Cammarata <[EMAIL PROTECTED]> writes: >> or DNSSEC :-) > > Yeah, I'm just reading up on DNSSEC, though it seems like that is a much > more involved solution, requiring a lot more work to get out. This would > be a stop-gap methodology to prevent brute force cache poisoning attacks.
we have that now. udp port randomization and a 10Mbit/sec ethernet port (or a firewall with a 10Mbit/sec rate limit per remote IP address). -- Paul Vixie -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
