DNS Amplification Attack Mitigation

Fr34k freaknetboy at yahoo.com
Tue Mar 13 13:39:35 UTC 2012


Hello,

Did I miss any feedback on this, or perhaps there isn't any to offer (?)
Thank you.




>________________________________
> From: Fr34k <freaknetboy at yahoo.com>
>To: Bindlist <bind-users at isc.org> 
>Sent: Friday, March 9, 2012 10:30 AM
>Subject: DNS Amplification Attack Mitigation
> 
>
>
>All,
>
>I am (we all are (?)) interested in techniques for mitigating DNS amplification attacks for both recursive and authoritative BIND servers (versions 9.x).
>
>
>Google found http://www.secureworks.com/research/threats/dns-amplification/ and http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-011-eng.aspx
>which mention limiting clients via ACLs and using "additional-from-cache no;" as mitigation techniques.
>
>
>Good articles, but written several years ago so there might be additional configuration suggestions from the community since 2009.
>Are there and, if so, what are they?
>Perhaps said another way, what other named.conf settings could we be looking at in this effort?
>
>
>Thank you.
>
>_______________________________________________
>Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
>bind-users mailing list
>bind-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20120313/cd90dabf/attachment.html>


More information about the bind-users mailing list