Maintained by: NLnet Labs

[Unbound-users] Does unbound work with Cisco WCCP?

krad
Tue Jun 23 16:50:43 CEST 2015


Or why not just simply block outbound dns traffic unless from one of your
official sources. It's likely to break some things yes, but its a more up
front and honest policy.

On 23 June 2015 at 15:25, Stuart Henderson <stu at spacehopper.org> wrote:

> On 2015-06-23, Yuri Voinov <yvoinov at gmail.com> wrote:
> > You are completely overlooked some providers in some countries that
> > censor the DNS/DNSSEC etc.etc.etc. I am interested in is not the purpose
> > of hacking, and to counteract censorship, if everyone understands what I
> > mean.
> >
> > Please keep in mind,I'm talking about the interception of requests for
> > name resolution in favor of a clean cache, which is used as a source of
> > reliable server through dnscrypt. So, my users can't get poisoned by
> > provider DNS answers.
>
> Perhaps you should look at dnscrypt or similar instead? WCCP for DNS
> is more like a mechanism that a provider might want to use to help
> them poison answers...
>
>
> _______________________________________________
> Unbound-users mailing list
> Unbound-users at unbound.net
> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://unbound.nlnetlabs.nl/pipermail/unbound-users/attachments/20150623/6ba9aebe/attachment.html>