At 8:45 PM +0100 2003/02/21, Kandra Nygårds wrote:

 Question, how would running two instances of DNS software on the same
 machine, using different ports protect against cache poisoning?

The authoritative-only server doesn't do any caching, and therefore there is no poisoning or pollution of the cache.


The caching-only server isn't authoritative for anything, and while the cache could potentially become polluted, it can't pass that pollution on to clients in an authoritative manner (which is the real danger).

 The DNS protocol has worked quite well so far. I see no need to rewrite it
 in order to enable users to perform less than clueful tasks.

There are some problems in the DNS, but I am still convinced that we can fix these problems without throwing out the whole thing.


--
Brad Knowles, <[EMAIL PROTECTED]>

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
    -Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
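
A way to check the split described in the message above, as an added example that is not part of the original email: the AA and RA bits in a DNS response header (RFC 1035) show whether a server is answering as authoritative-only, caching-only, or both at once. The function names and the sample headers are constructed for illustration.

```python
import struct

# Flag bits in the second 16-bit word of the DNS header (RFC 1035, section 4.1.1).
QR = 0x8000  # message is a response
AA = 0x0400  # answer comes from a server authoritative for the name
RA = 0x0080  # server offers recursion, i.e. it resolves and caches for clients


def classify_response(packet: bytes) -> str:
    """Return the role a server reveals in the header of one DNS response."""
    if len(packet) < 12:
        raise ValueError("DNS header is 12 bytes; packet is truncated")
    _msg_id, flags = struct.unpack("!HH", packet[:4])
    if not flags & QR:
        raise ValueError("packet is a query, not a response")
    authoritative = bool(flags & AA)
    recursive = bool(flags & RA)
    if authoritative and recursive:
        # One instance is both serving zone data and running a cache.
        return "mixed"
    if authoritative:
        return "authoritative-only"
    if recursive:
        return "caching-only"
    return "neither"  # e.g. a referral or refusal from a non-recursive server


def make_header(flags: int, msg_id: int = 0x1234) -> bytes:
    """Build a constructed 12-byte response header (1 question, 1 answer)."""
    return struct.pack("!HHHHHH", msg_id, flags, 1, 1, 0, 0)


# Constructed sample headers, not captured traffic.
SAMPLES = {
    "authoritative instance": make_header(QR | AA),
    "caching instance": make_header(QR | RA),
    "combined instance": make_header(QR | AA | RA),
}

if __name__ == "__main__":
    for name, header in SAMPLES.items():
        print(f"{name}: {classify_response(header)}")
```

The check is only meaningful for a response to a name in a zone the server hosts; a combined server answering from its cache sets RA without AA and looks the same as a caching-only one.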