I suspect that the origin of the myth that DNS/TCP is more
dangerous than DNS/UDP is that the first root expliot of
named was over TCP not UDP. There were later exploits that
were UDP only which totally busted the myth but it continues
to live.
Mark
