MoinQ:

1. DNS/Google公開キャッシュ

https://code.google.com/intl/ja/speed/public-dns/docs/security.html

http://code.google.com/intl/ja/speed/public-dns/docs/performance.html

2. Google public DNS

https://developers.google.com/speed/public-dns/faq?hl=ja

yatz.qmail.jp などの扱いや、 TTLの扱い、 毒盛り対策、 TCP などについて調べる予定。

http://www.itmedia.co.jp/news/articles/0912/09/news023.html

/yatz.qmail.jp

Security Benefits https://code.google.com/intl/ja/speed/public-dns/docs/security.html

3. Implementing basic validity checking

Some DNS cache corruption can be due to unintentional, and not necessarily malicious, mismatches between requests and responses (e.g. perhaps because of a misconfigured nameserver, a bug in the DNS software, and so on).

At a minimum, DNS resolvers should put in checks to verify the credibility and relevance of nameservers' responses. We recommend (and implement) all of the following defenses:

Rejecting responses that do not meet required criteria

Google Public DNS rejects all of the following: