Archives
Archives
| From: | Alarig Le Lay <alarig@××××××××××.fr> | ||
|---|---|---|---|
| To: | gentoo-user@l.g.o | ||
| Subject: | Re: [gentoo-user] [OT] router woes | ||
| Date: | Wed, 29 Mar 2017 12:27:16 | ||
| Message-Id: | 20170329122656.xniel6i4vv2tk7kr@mew.swordarmor.fr | ||
| In Reply to: | Re: [gentoo-user] [OT] router woes by Jorge Almeida |
||
| 1 | On mer. 29 mars 05:02:16 2017, Jorge Almeida wrote: |
| 2 | > BTW, I've been using dnscache (from djbdns) for years. I suppose that |
| 3 | > protects against spoofing? |
| 4 | |
| 5 | It depends of from what you want to protect. DNS is an all clear |
| 6 | protocol, it’s easy to modify packet. Plus, the DNSSEC deployment is |
| 7 | too few, and even with DNSSEC, you have to validate localy. |
| 8 | |
| 9 | It’s just more difficult for the ISP to spoof DNS packets than make their |
| 10 | resolver lying. |
| 11 | |
| 12 | -- |
| 13 | alarig |
| File name | MIME type |
|---|---|
| signature.asc | application/pgp-signature |