prevent DNS attack
Michael Hoskins (michoski)
michoski at cisco.com
Thu Jun 28 02:55:13 UTC 2012
define "fake" -- if you mean rfc1918, you can block the ranges at ingress,
or with iptables or similar to avoid letting it hit bind at all.
-----Original Message-----
From: pangj <pangj at riseup.net>
Date: Wednesday, June 27, 2012 6:36 PM
To: Tony Finch <dot at dotat.at>
Cc: "bind-users at lists.isc.org" <bind-users at lists.isc.org>
Subject: Re: prevent DNS attack
>
>> There is also a patch for BIND which can help:
>>
>> http://www.redbarn.org/dns/ratelimits
>
>Thank you.
>The traffic is incoming, and the incoming IPs are fake, how will the
>patch work to stop them?
>
>--
>Email/Jabber/Gtalk: pangj at riseup.net
>Free DNS Hosting with www.DNSbed.com
>
>
>_______________________________________________
>Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>unsubscribe from this list
>
>bind-users mailing list
>bind-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/bind-users
More information about the bind-users
mailing list