Maintained by: NLnet Labs

[Unbound-users] Unbound as public DNSSEC resolver

Paul Wouters
Wed Oct 13 20:20:56 CEST 2010


On Wed, 13 Oct 2010, Carsten Strotmann wrote:

> If "public" meant a DNS Resolver that can be used by anyone, without
> restrictions to local clients/networks/ip addresses, than yes, it is a
> bad thing and not recommended

I disagree it is a bad thing. I run open resolvers on purpose as a service.
Just because some abuse happens does not make it evil.

If you say "unmaintained publiv DNS servers are bad" then I'll agree.

Apart from that, I think the botnets have reached sizes where DNS amplification
is really not that much of tool anymore to DOS a network link.

Paul