Here are discussion concerning the problems related to allowing DNS recursion: "
The Continuing Denial of Service Threat Posed by DNS Recursion" and "
Looking behind the smoke screen of the Internet: DNS recursive attacks, spamvertised domains, phishing, botnet C&C's, Internet infrastructure and you".
While turning off recursion can be a good thing, there are justifiable uses for it. I've had to argue at length against a policy that all recursion be disabled, even internally.
No comments:
Post a Comment