mitigate NXNSAttack protocol vulnerability for unresolvable NS names
CWE-406: Insufficient Control of Network Message Volume (Network Amplification) We now limit number of failed NS name resolution attempts for each request. This does not prevent attacker from spoofing delegations but it puts upper bound on amplification factor.
Please register or sign in to comment