I think part of the panic originates in the (improper) assumption that DNS servers are like home computers, in that they think an most insecure DNS servers will remain insecure. I think that this is incorrect because DNS servers are usually run by trained personnel and are usually located in network segments where bit usage is purchased at a flat rate. While this sort of attack surfaces periodically, it also goes away periodically as the admins catch on and tighten up their servers. I think the problem returns as admins move on/up and are replace by newer personnel who also have to learn the hard way.
No comments:
Post a Comment