prevent DNS attack

Phil Mayers p.mayers at
Thu Jun 28 08:40:08 UTC 2012

On 06/28/2012 02:36 AM, pangj wrote:
>> There is also a patch for BIND which can help:
> Thank you.
> The traffic is incoming, and the incoming IPs are fake, how will the
> patch work to stop them?

Read the archives that Tony pointed you at. There is much discussion, 
and no point in repeating it here.

Basically, stopping it is impossible. You can alleviate it to a greater 
or lesser degree. Rate limiting reduces the bandwidth of the DoS.

More information about the bind-users mailing list