allow-query for non authoritative zones
Seme, Markus
markus.seme at bearingpoint.com
Wed Aug 20 14:47:19 UTC 2003
Hi,
i want block queries from several, different Source-IP's (spoofed) to
the same domain ( DOS ).
The domain is not under my authorization - for example microsoft.com
!?
It's easy to konfigure BIND9 with acl and allow-query for local zones
( in my authorization ) - for example:
zone "local.com" {
type master;
file "local.com.zone";
allow-query { none; };
};
But i haven't any idea how i should configure it to block the queries
for an domain who is not under my authorization !
Or is there any other way to block such DOS ?
Thanx ,
Markus
More information about the bind-users
mailing list