How to limit DNS requests per source IP?

Beavis pfunix at gmail.com
Mon Jan 14 16:14:01 UTC 2013


Just put an ACL filter on your BIND config for recursive queries. This
will make your DNS less susceptible to flash-crowd type attacks. Cisco
has a short document about this.

http://www.cisco.com/web/about/security/intelligence/dns-bcp.html

Just check out the BIND-centric info. Discard the rest.


regards,
-B

On Mon, Jan 14, 2013 at 1:06 PM, Gaurav Kansal <gaurav.kansal at nic.in> wrote:
> Dear All,
>
> I want to limit DNS requests per source IP through iptables.
>
> I tried the following commands, but unfortunately didn’t succeed.
>
> -A RH-Firewall-1-INPUT -m udp -p udp --dport 53 -m state --state NEW -m recent --set --name DNSQF --rsource
>
> -A RH-Firewall-1-INPUT -m udp -p udp --dport 53 -m state --state NEW -m recent --update --seconds 60 --hitcount 5 --name DNSQF --rsource -j DROP
>
> If anyone is using iptables for limiting DNS queries per IP, then please help me
> out.
>
> Thanks and Regards,
>
> Gaurav Kansal
>
> Mob – 9910118448
>
> Happy New Year 2013.
>
> IPv4 is over,
>
> Are you ready for the new network?
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users



-- 
()  ascii ribbon campaign - against html e-mail
/\  www.asciiribbon.org   - against proprietary attachments

Disclaimer:
http://goldmark.org/jeff/stupid-disclaimers/
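An added illustration of the ACL approach recommended in the reply above; this fragment is not from either poster's configuration. It restricts recursion and cache answers in named.conf to an explicitly named set of clients, so a query from anywhere else is answered with REFUSED instead of being recursed for. The ACL name and the 192.0.2.0/24 client range (RFC 5737 documentation space) are assumptions.

```conf
// Added example, not from the original post.  The ACL name and the
// 192.0.2.0/24 client range (RFC 5737 documentation space) are assumptions.
acl "recursion-clients" {
    127.0.0.0/8;      // the host itself
    192.0.2.0/24;     // our own client network
};

options {
    recursion yes;
    // Only these clients may ask us to recurse ...
    allow-recursion { recursion-clients; };
    // ... or read answers that are already in the cache.
    allow-query-cache { recursion-clients; };
    // Authoritative answers for our own zones stay open to everyone.
    allow-query { any; };
};
```

After reloading, check from an address outside the ACL with `dig @server www.example.com` (a name the server is not authoritative for); the status should be REFUSED and the RA flag clear, while zones the server hosts still answer normally.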


