[ratelimits] An abstract on another approach

Paul Vixie paul at redbarn.org
Wed Mar 6 10:32:15 UTC 2013


does anyone believe that worldwide adoption of a "let's turn off UDP/ANY
for security reasons" would remove this capability from enough servers
in the policy's first 25 years to make any difference?

of such believers, do any also believe that the attackers will be unable
or unwilling to find an alternative query?

security economics tells us not to bother building defenses whose cost
is higher than the attackers' cost of evading them.

see <http://en.wikipedia.org/wiki/Maginot_Line>.

paul

re:

Tony Finch wrote:
> Edward Lewis <Ed.Lewis at neustar.biz> wrote:
>
>> Now, that is not alone a reason to "lose" a feature.  The reason we want
>> to "lose" UDP/ANY comes from the observation that it has come to be a
>> tool of malicious behavior in a way that far out-weighs the earnest use.
>
> The same could be said of SMTP...
>
> Tony.