From: | Alarig Le Lay <alarig@××××××××××.fr> | ||
---|---|---|---|
To: | gentoo-user@l.g.o | ||
Subject: | Re: [gentoo-user] [OT] router woes | ||
Date: | Wed, 29 Mar 2017 12:27:16 | ||
Message-Id: | 20170329122656.xniel6i4vv2tk7kr@mew.swordarmor.fr | ||
In Reply to: | Re: [gentoo-user] [OT] router woes by Jorge Almeida |
1 | On mer. 29 mars 05:02:16 2017, Jorge Almeida wrote: |
2 | > BTW, I've been using dnscache (from djbdns) for years. I suppose that |
3 | > protects against spoofing? |
4 | |
5 | It depends of from what you want to protect. DNS is an all clear |
6 | protocol, it’s easy to modify packet. Plus, the DNSSEC deployment is |
7 | too few, and even with DNSSEC, you have to validate localy. |
8 | |
9 | It’s just more difficult for the ISP to spoof DNS packets than make their |
10 | resolver lying. |
11 | |
12 | -- |
13 | alarig |
File name | MIME type |
---|---|
signature.asc | application/pgp-signature |