prevent DNS attack

pangj pangj at
Thu Jun 28 03:16:12 UTC 2012

> define "fake" -- if you mean rfc1918, you can block the ranges at ingress,
> or with iptables or similar to avoid letting it hit bind at all.

Yes I mean source-spoofed DDoS attack and I am reading this document:

Is there a sample iptables script for that?

Email/Jabber/Gtalk: pangj at
Free DNS Hosting with

More information about the bind-users mailing list