Denial of Service

Peter Dambier peter at peter-dambier.de
Fri Feb 23 21:50:00 UTC 2007


Nick Allum wrote:
> Just had a quick question: at the BIND level, if there was a possible
> Denial of Service coming from only a handful of IP addresses, would I be
> able just to use an ACL to deny these, or will my servers still be
> flooded as it has to process the ACL?
> Or what would be the quickest and easiest way to reduce the effect of
> some type of Denial of Service where I am getting large quantities of
> requests from the same group of IPs?
>  
>  
> Thanks

In /etc/named.conf

...
acl bogon {
   0.0.0.0/8;    // Null address
   1.0.0.0/8;    // IANA reserved, popular fakes
   2.0.0.0/8;
   255.0.0.0/8;
};
...

Just add the attackers or their networks.


Kind regards
Peter and Karin

-- 
Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
Rimbacher-Strasse 16
D-69509 Moerlenbach-Bonsweiher
+49(6209)795-816 (Telekom)
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter at peter-dambier.de
mail: peter at echnaton.serveftp.com
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/
http://www.cesidianroot.com/
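
An added example, not part of the original message and not code from the BIND project: one way to find the "handful of IP addresses" from a query log and render them as an `acl` block in the same style as the one above. The log lines are constructed sample data, and the names `count_clients`, `build_acl`, `threshold` and `never_block` are assumptions made for this illustration.

```python
import re
from collections import Counter
from ipaddress import ip_address, ip_network

# Constructed sample in the style of BIND 9 query logging; not from the post.
SAMPLE_LOG = """\
23-Feb-2007 21:49:58.101 queries: info: client 198.51.100.7#4311: query: example.com IN ANY +
23-Feb-2007 21:49:58.102 queries: info: client 198.51.100.7#4312: query: example.com IN ANY +
23-Feb-2007 21:49:58.110 queries: info: client 203.0.113.20#1027: query: example.com IN ANY +
23-Feb-2007 21:49:58.115 queries: info: client 198.51.100.7#4313: query: example.com IN ANY +
23-Feb-2007 21:49:58.200 queries: info: client 192.0.2.53#53211: query: www.example.com IN A +
23-Feb-2007 21:49:58.230 queries: info: client 203.0.113.20#1028: query: example.com IN ANY +
23-Feb-2007 21:49:58.300 queries: info: client 192.0.2.53#53212: query: mail.example.com IN MX +
23-Feb-2007 21:49:58.400 queries: info: client 2001:db8::99#40000: query: example.com IN AAAA +
23-Feb-2007 21:50:00.000 general: info: zone example.com/IN: loaded serial 2007022301
"""

# Some BIND releases log an "@0x..." object id before the address; accept both.
CLIENT_RE = re.compile(r"client (?:@0x[0-9a-fA-F]+ )?([0-9a-fA-F:.]+)#\d+")

def count_clients(log_text):
    """Return a Counter of queries per source address (normalised string)."""
    counts = Counter()
    for line in log_text.splitlines():
        m = CLIENT_RE.search(line)
        if not m:
            continue  # not a query line
        try:
            counts[str(ip_address(m.group(1)))] += 1
        except ValueError:
            continue  # malformed address: skip rather than emit it into config
    return counts

def build_acl(counts, threshold, name="attackers", never_block=()):
    """Render a named.conf acl of sources at or above `threshold` queries."""
    protected = [ip_network(n) for n in never_block]
    lines = [f"acl {name} {{"]
    for addr, n in sorted(counts.items(), key=lambda kv: (-kv[1], kv[0])):
        if n < threshold or any(ip_address(addr) in net for net in protected):
            continue  # below threshold, or one of our own networks
        lines.append(f"   {addr};    // {n} queries in sample")
    lines.append("};")
    return "\n".join(lines)

if __name__ == "__main__":
    print(build_acl(count_clients(SAMPLE_LOG), threshold=2,
                    never_block=["192.0.2.0/24"]))
```

An `acl` statement only defines a name; it takes effect once it is referenced, for example from the `blackhole` option in the `options` block of named.conf.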


