message ``sendto failed: Invalid argument''
Arnt Gulbrandsen
arnt at gulbrandsen.priv.no
Mon Jan 30 10:03:46 UTC 2006
Miek Gieben writes:
> [On 26 Jan, @18:32, Peter Koch wrote in "message ``sendto failed: Inval ..."]
>> So, nsd could (silently) ignore DNS packets with src port 0 or log
>> the error with more detail or both. Opinions?
>
> Hmm... the current behavoir of NSD should be changed IMO. The danger
> is that if we log such queries we create a small DOS attack (which is
> also present now).
Since the DOS is present, does it matter if it's extended a bit? As long
as the log message doesn't fill the logs in the the absence of attacks,
I mean?
After all, anyone with access to the source can DOS nsd perfectly well
as it is.
Arnt
More information about the nsd-users
mailing list