Insecure response BIND 9.7.0b2
Stephane Bortzmeyer
bortzmeyer at nic.fr
Fri Nov 20 15:58:17 UTC 2009
On Fri, Nov 20, 2009 at 09:27:35AM +1100,
Mark Andrews <marka at isc.org> wrote
a message of 34 lines which said:
> There are also firewalls that block DNS/UDP responses bigger 512
> bytes or block EDNS queries/responses 10 years after the
> introduction of EDNS. There are also middleware that blocks/drops
> DNS/UDP responses that are fragmented.
This tool may help:
http://www.nic.cz/dnssectests/
And this one, too:
https://www.dns-oarc.net/oarc/services/replysizetest
More information about the bind-users
mailing list