[Unbound-users] allowing cache queries but not doing recursion for "foreign" networks
ondrej at sury.org
Sun Feb 15 19:28:58 CET 2009
>>> Cache snooping lets anyone see who you've been talking to, when you
>>> it up, and when the cache will expire.
>> cache snooping can also facilitate amplification attacks, see RFC 5358.
> No, not without recursion enabled it can't.
Yes, it can. Just spoof query to something which is already in cache
(like root servers).
Ondřej Surý <ondrej at sury.org>
More information about the Unbound-users