Fw: How to block NULL resource record queries
kashif.mumtaz at yahoo.com
Mon Jun 8 04:03:57 UTC 2015
Hi,We recently faced an issue that we were receiving bulk number of queries on our DNS server from customer for some fake domain whose RR type was NULL.This type of queries are we are seeing first time whose RR type is NULL.
We have some iptables scripts on server which can block or rate limit quires like A , ANY etc. But these script does not recognize RR type NULL.
For quick remedy we configure the zone locally and pointed it to 127.0.0.1 so our recrusive queque for these domains are not accumulating now.
But we can recieve bulk NULL queries for some valid domains like yahoo.com etc which we can not configure locally. Then how can we block these NULL type queries ?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bind-users