Maintained by: NLnet Labs

[Unbound-users] allowing cache queries but not doing recursion for "foreign" networks

Ondřej Surý
Sun Feb 15 19:28:58 CET 2009


>>> Cache snooping lets anyone see who you've been talking to, when you
>>> looked
>>> it up, and when the cache will expire.
>>
>> cache snooping can also facilitate amplification attacks, see RFC 5358.
>
>
> No, not without recursion enabled it can't.

Yes, it can. Just spoof query to something which is already in cache
(like root servers).

O.
-- 
Ondřej Surý <ondrej at sury.org>