[Dnsmasq-discuss] dnsmasq to provide public DNS service
T o n g
mlist4suntong at yahoo.com
Thu Jul 7 03:55:17 BST 2016
On Wed, 06 Jul 2016 08:43:56 -0500, /dev/rob0 wrote:
>> > Nobody should do that indeed, because it is a very bad idea: your
>> > machine may then serve as an amplifier for DDoS attacks.
>>
>> I'm more interested to know how to do that than actually provide the
>> DNS service. BTW, on to that thought, how the ISP or Google's DNS
>> server able to avoid being an amplifier for DDoS attacks?
>
> Having some familiarity with this, I can address this question, while
> staying out of Albert's way as he valiantly tried to address the Big
> Picture. :)
Oh, thanks a lot for your detailed explanation.
That's exactly the kind of info I need. We all know that "anything could
happen". Once I asked how to use sendmail as the mail server so people
can send me emails to me, to my account of my own domain, and the
response was overwhelmingly: DON"T, then followed by "anything could
happen", without explaining what actually could happen ---
Your detailed explanation really helped me understand the situation and
complexity of the issue.
> Dnsmasq is a wonderful piece of software which does a very nice job at
> meeting the needs of most small, simple sites. I do not think it's well
> suited for ISP use, and especially not for use as an open resolver.
This is only for my personal use, and I'll turn it off once I'm done.
I.e., I care more about *can* it be done part, not much on the part of
"*should* it be done".
thanks again
More information about the Dnsmasq-discuss
mailing list