securing dns against dns attack

terry l. ridder terrylr at
Mon Nov 21 11:00:08 UTC 2005


my network has been under a dns attack for several days.
i have secured all dns severs with the following globals options:

         allow-transfer {;; };
         allow-query {; };
         allow-recursion {; };

i have also configured two more dns name servers to basically absorb the
attack. absorbing the dns attack does nothing to reclaim the bandwidth
used by the attack.

currently, my network address block, is being dropped. before i bring
the network address block back up i would like to know of any other
steps that i may take to defend against a dns attack. any suggestion,
comments, hints would be most welcome.

currently the network is connecting via and external nat ip address.
i really need to bring dns and smtp back up as soon as possible.

terry l. ridder ><>

More information about the bind-users mailing list