On Sat, 22 Nov 2014 21:48:21 -0800, Chuck Peters <cp@xxxxxxx> wrote:
I'm not a fan of OpenNIC because they were, and probably still are, running open resolvers. That means the servers are wide open to be used for reflection attacks, cache poisening and likely numerous other attacks. And they didn't support DNSSEC. And if they aren't logging anything, how do they stop the attacks?
Was not aware of the open resolver attack vector issues with OpenNIC. Could they be stopped by rate limiting?
Does a project exist that supports encryption and pooling the recursive queries, and DNSSEC, other than OpenDNS?
Don't know off-hand but maybe DNSchain is worth a look? http://okturtles.com/
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays