[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Fast Exit Node Operators - ISP in US



On Sat, 22 Nov 2014 21:48:21 -0800, Chuck Peters <cp@xxxxxxx> wrote:

I'm not a fan of OpenNIC because they were, and probably still are,
running open resolvers.  That means the servers are wide open to be used
for reflection attacks, cache poisening and likely numerous other
attacks.  And they didn't support DNSSEC.  And if they aren't logging
anything, how do they stop the attacks?

Was not aware of the open resolver attack vector issues with OpenNIC. Could they be stopped by rate limiting?

Does a project exist that supports encryption and pooling the recursive
queries, and DNSSEC, other than OpenDNS?

Don't know off-hand but maybe DNSchain is worth a look? http://okturtles.com/
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays