At 06:04 28-05-2009, Alessandro Vesely wrote:
Douglas Otis wrote:
Just using TCP would prevent most of the DNS poisoning attacks
that Amir's paper reports.
TCP is prone to DDoS attack. As such, TCP is seldom used with DNS.
I thought TCP was the default when the UDP message size is not
enough. That's, AFAIK, the
It is. The statement about why TCP is seldom used is incorrect.
"UDP is not acceptable for zone transfers, but is the recommended
method for standard queries in the Internet."
UDP is used as the message is generally less than 512 bytes. I'm
ignoring EDNS0 support. If the message is truncated, a TCP connection is used.
Regards,
-sm
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
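
The UDP-to-TCP fallback discussed in the message above, as an added example that is not part of the original thread: a resolver checks the TC bit of a UDP reply and, if it is set, repeats the query over TCP with the two-byte length prefix from RFC 1035. The function names and the sample messages are constructed for illustration, and EDNS0 is ignored, as in the message.

```python
import struct

UDP_LIMIT = 512    # classic DNS-over-UDP message limit (EDNS0 ignored)
QR_FLAG = 0x8000   # header bit: message is a response
TC_FLAG = 0x0200   # header bit: response was truncated

def build_query(txid, name):
    """Encode a one-question query for an A record (hypothetical helper)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)

def build_reply(query, truncated):
    """Constructed sample reply: echoes the question, sets QR and optionally TC."""
    txid = struct.unpack("!H", query[:2])[0]
    flags = QR_FLAG | 0x0180 | (TC_FLAG if truncated else 0)
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0) + query[12:]

def next_step(query, udp_reply):
    """Return 'accept', 'retry-tcp' or 'drop' for a reply received over UDP."""
    if len(udp_reply) < 12 or len(udp_reply) > UDP_LIMIT:
        return "drop"                      # malformed or oversized for plain UDP
    q_id = struct.unpack("!H", query[:2])[0]
    r_id, flags = struct.unpack("!HH", udp_reply[:4])
    if r_id != q_id or not flags & QR_FLAG:
        return "drop"                      # not a response to this query
    return "retry-tcp" if flags & TC_FLAG else "accept"

def tcp_frame(message):
    """DNS over TCP prefixes each message with a two-byte length (RFC 1035 4.2.2)."""
    return struct.pack("!H", len(message)) + message

def tcp_unframe(stream):
    """Extract the first length-prefixed message from a TCP byte stream."""
    if len(stream) < 2:
        raise ValueError("incomplete length prefix")
    (length,) = struct.unpack("!H", stream[:2])
    if len(stream) < 2 + length:
        raise ValueError("incomplete message")
    return stream[2:2 + length]

if __name__ == "__main__":
    query = build_query(0x1A2B, "example.org")
    print(next_step(query, build_reply(query, truncated=True)))
    print(next_step(query, build_reply(query, truncated=False)))
```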