RE: recursive DNS servers DDoS as a growing DDoS problem

On Thu, 30 Mar 2006, Geo. wrote:

It's a security issue. He who controls the dns server controls you, yes?

Ok we are talking about locking down DNS like we locked down smtp relay. So
if you want to send a mail today can you just use any smtp server you want
or are you severly limited, possibly by a port 25 block which forces you to
use just your ISP's mail smtp server?

Don't you think creating a control point like that is dangerous? Especially
dangerous when it's DNS which runs virtually every function on the internet?

It's not a conspiracy theory, it's fact, if you create a control like that
someone is going to want to control it. I suggest only that we consider this
along with everything else.

I haven't heard anyone talk about requiring that users use their ISP's DNS server. Just that they should not be able to use any random DNS server on the internet.

What is stopping you from running your own local DNS server? My system at home runs named in a configuration that allows any systems on my local network to query from it. That's what I use as my authoritative nameserver.