Denial of Service

Dawn Connelly dawn at zapata.org
Fri Feb 23 22:39:14 UTC 2007


If you aren't able to do the ISP or router/firewall blocking, you next option is
to set "blackhole" under your options settings

        blackhole {  <IP Address>; };

Quoting "jasonp at ndtel.com" <jasonp at ndtel.com>:

> This might best be handled by your ISP. Otherwise, consider setting an
> ACL on your router or blackhole those IPs.
>
> Nick Allum wrote:
> > Just had a quick question, at the Bind Level, if there was a possible
> > Denial of Service coming from only a handful of ip address, would I be
> > able just to use an ACL to deny these or will my servers still be
> > flooded as it has to process the ACL?
> > Of what would be the quickest and easiest way to reduce the effect of
> > some type of Denial of Service where I am getting large quantaties of
> > requests from the same group of IPS.
> >
> >
> > Thanks
> >
> >
> >
>
>






More information about the bind-users mailing list