| ▲ | Dylan16807 5 days ago | |||||||
If you want to stop UDP DNS from being able to amplify, require bigger query datagrams. | ||||||||
| ▲ | citrin_ru 5 days ago | parent [-] | |||||||
I would rather prefer responses to become smaller. If you would check TXT record for almost any big company you'll find a lot of verification records which either unnecessary (because better way to confirm domain ownership exists, e. g. by adding a DNS record with unique name instead of using main domain TXT record) or outdated (e. g. they did verify multiple times but kept records from all attempts). And more generally big companies tend to treat domain's DNS TXT record as an append-only structure and never clean junk it accumulates. | ||||||||
| ||||||||