Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Setting your upstream to 1.1.1.1 or 8.8.8.8 should mitigate this, as these appear to respond with NXDOMAIN to invalid domains rather than fail silently which would close the window for the attack.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: