How to block DNS record scans?
Sylvan Andrew
sylvan_nids at norfolk.nf
Wed Apr 20 02:44:01 UTC 2005
Hello,
Is there anyone who could help us? It would be much appreciated. Two of
our DNS servers are continually getting scanned with some type of script
that tries every combination possible from A-Z.
Rather than limit the amount of DNS requests our servers handle on a time
basis, is there anyone who knows a way to modify the response to an entry
record not being found?
Basically we'd want it so that if it was a valid entry BIND would reply
straight away; if it was an invalid entry we'd like, rather than an immediate
'not found' response, to modify it so it just times out.
Does anyone have any ideas where in BIND we could modify it to do this?
Does anyone have any other ideas to combat this problem?
Thanks for your time.
Regards
Sylvan