By doing that you will resolve most of the problem.
However, with the current state of DNS servers, even if you do not do recursive resolution on your DNS server (or only do it for your IP Address space), you could be used to do a DDDoS attack.
I could send you a query for one of the domains for which you are authoritative, using a spoofed IP address, and you will respond to the victim. The "amplification effect" still works, only it can not be "custom amplified", I have to stick with whathever records you happen to have.
yeah, its just like a train, but:
- it has a station right inside my garage
- it has no stations between my garage and my destination
- it has railroads between my garage and all other possible destinations
wow. suddenly this seems a lot like a roadway "grid".
I believe the top post is talking about something right in the middle. The convenience of a car, with the simplicity of a train.
I like it. Wake me up when we get there.
Kind of more of the same thing, but until you can check your own "nothing interesting about it" IP address, you can see what they think about one of Googles IP:
Googlebot
I'm in charge of replacing our to-old NEC PBX for a brand new Asterisk in our ISP.
As a Unix sysop for long time, with some knowledge in general VoIP/H.323/SIP, I would say that the jump into Asterisk is not too dificult. We use SSH/vi/etc. in our day-to-day task, so one more system is not hard to swallow.
However I would like to point out that unless you are a really small user, with standard needs, for example in a situation where Asterisk@Home resolves all your needs, or you can live using only SIP or IAX, you will have some problems.
Asterisk will be a killer-app, but it is not there yet. Each new version tends to break something, configuration switches are added or removed, new features, are added changing the way things should be done, behavior of old functionality changes, etc. Its great, but its still evolving. Just check the mailing list and you will see the kind of problems that arise, and are resolved by the community.
Evolving is a Good Thing, but you have to take that into account before jumping in.
Slashdot Mirror
By doing that you will resolve most of the problem.
However, with the current state of DNS servers, even if you do not do recursive resolution on your DNS server (or only do it for your IP Address space), you could be used to do a DDDoS attack.
I could send you a query for one of the domains for which you are authoritative, using a spoofed IP address, and you will respond to the victim. The "amplification effect" still works, only it can not be "custom amplified", I have to stick with whathever records you happen to have.
p.
yeah, its just like a train, but: - it has a station right inside my garage - it has no stations between my garage and my destination - it has railroads between my garage and all other possible destinations wow. suddenly this seems a lot like a roadway "grid". I believe the top post is talking about something right in the middle. The convenience of a car, with the simplicity of a train. I like it. Wake me up when we get there.
Kind of more of the same thing, but until you can check your own "nothing interesting about it" IP address, you can see what they think about one of Googles IP: Googlebot
I'm in charge of replacing our to-old NEC PBX for a brand new Asterisk in our ISP.
As a Unix sysop for long time, with some knowledge in general VoIP/H.323/SIP, I would say that the jump into Asterisk is not too dificult. We use SSH/vi/etc. in our day-to-day task, so one more system is not hard to swallow.
However I would like to point out that unless you are a really small user, with standard needs, for example in a situation where Asterisk@Home resolves all your needs, or you can live using only SIP or IAX, you will have some problems.
Asterisk will be a killer-app, but it is not there yet. Each new version tends to break something, configuration switches are added or removed, new features, are added changing the way things should be done, behavior of old functionality changes, etc. Its great, but its still evolving. Just check the mailing list and you will see the kind of problems that arise, and are resolved by the community.
Evolving is a Good Thing, but you have to take that into account before jumping in.
Pablo.