query (cache) denied (revisited)

Matus UHLAR - fantomas uhlar at fantomas.sk
Wed Jul 29 15:21:45 UTC 2009


> > In message <84010000907190740j60000e04pc23316827fe0b9ef at mail.gmail.com>, Bradle
> > y Caricofe writes:
> [...]
> > > 19-Jul-2009 10:34:29.635 client 84.235.6.53#1276: query (cache) '
> > > 6q6vszqgm.w8n08fo0.taha.com/A/IN' denied
> [...]

On 29.07.09 17:12, Matus UHLAR - fantomas wrote:
> You can also be bad on them and provide fake root zone with wildcard record
> returning localhost IP. However be very careful not to provide those to your
> own recursive clients. I ocasionally use that on biggest abusers.

yes, I'm aware that I can cause innocent victim to get flooded this way, and
that this is BOFHish. However it helped me a few times against misconfigured hosts
firing tens to hunderds of requeests per second.

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
   One OS to rule them all, One OS to find them, 
One OS to bring them all and into darkness bind them 



More information about the bind-users mailing list