DNSSEC signature can crash Bind name servers
From http://www.h-online.com/open/news/it...s-1251729.html
Quote:
Where a Bind name server is set up as a caching resolver, it is vulnerable to DoS attacks which could cause it to crash. ISC describes the issue in its advisory Large RRSIG RRsets and Negative Caching can crash named and categorises the problem, which can be triggered remotely, as 'high' severity.
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|