verizon DNS "helper"

Chip Marshall chip at 2bithacker.net
Wed Nov 14 23:40:15 EST 2007


On November 14, 2007, Ben Scott sent me the following:
>   I suggest just running your own caching resolver (ISC BIND named,
> tinydns, whatever) and bypassing the ISP's mess entirely.

Probably doable for now, but there's nothing stopping your ISP from
intercepting all outgoing DNS traffic from end-user IPs and redirecting
it to the ISP's recursive servers.

Although, I don't really see any of the big ISPs caring enough to jump
through those kinds of hoops just to stop people from avoiding a few
ads. The majority of users wouldn't bother.

It's unfortunate that open recursives are usable as DDoS amplifiers,
otherwise I'd happily run an open recursive on my colo for the common
good.

-- 
Chip Marshall <chip at 2bithacker.net>     http://weblog.2bithacker.net/
GCM/IT d+(-) s+:++ a26>? C++ UB++++$ P+++$ L- E--- W++ N@ o K- w O M+
V-- PS+ PE Y+ PGP++ t+@ R@ tv@ b++@ DI++++ D+(-) G++ e>++ h>++ r-- y?
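
Added example, not part of the original post: a way to check that a caching resolver you run yourself is not an open recursive, by classifying the reply it gives to a recursion-desired query sent from an address outside its intended client networks. The function names, the reply bytes and the 192.0.2.1 answer are constructed for illustration, and the sketch assumes a plain UDP DNS reply without EDNS.

```python
import struct

QR, AA, RA = 0x8000, 0x0400, 0x0080   # header flag bits (RFC 1035)
REFUSED = 5                           # RCODE a restricted resolver returns

def build_query(name, txid=0x4242):
    """Encode a recursion-desired (RD=1) A/IN query for `name`."""
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!2H", 1, 1)

def classify(query, response):
    """Judge a reply seen from OUTSIDE the resolver's intended client networks."""
    if len(response) < 12:
        return "invalid"
    txid, flags, _qd, _an, _ns, _ar = struct.unpack("!6H", response[:12])
    if txid != struct.unpack("!H", query[:2])[0] or not flags & QR:
        return "invalid"              # not a reply to this query
    rcode = flags & 0x000F
    if rcode == REFUSED or not flags & RA:
        return "restricted"           # recursion is not offered to this client
    if flags & AA:
        return "authoritative"        # name is in a local zone; test another name
    if rcode in (0, 3):               # NOERROR or NXDOMAIN obtained by recursing
        return "open-recursive"
    return "inconclusive"             # e.g. SERVFAIL

def fake_response(query, flags, answer=b""):
    """Constructed reply: echoes the question, sets `flags`, optional answer RR."""
    counts = struct.pack("!5H", flags, 1, 1 if answer else 0, 0, 0)
    return query[:2] + counts + query[12:] + answer

# Constructed answer RR: compressed name pointer, A/IN, TTL 300, 192.0.2.1
A_RR = b"\xc0\x0c" + struct.pack("!2HIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])

if __name__ == "__main__":
    q = build_query("example.com")
    for label, flags, rr in [("recursed answer", 0x8180, A_RR),
                             ("REFUSED", 0x8105, b""),
                             ("no RA bit", 0x8100, b"")]:
        print(label, "->", classify(q, fake_response(q, flags, rr)))
```

A resolver limited to its own clients should come back as "restricted" when queried this way; "open-recursive" means it will recurse for anyone who asks.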

