In FreeBSD you can use pf to limit connections using tables and setting up a rate limit.<br><br><a href="http://forums.freebsd.org/showthread.php?t=1727">http://forums.freebsd.org/showthread.php?t=1727</a><br><br>Best regards,<br>
<br>Shamrock<br><br><div class="gmail_quote">On Tue, Oct 26, 2010 at 9:29 PM, Kebba Foon <span dir="ltr"><<a href="mailto:kebba.foon@qcell.gm">kebba.foon@qcell.gm</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div class="im">On Tue, 2010-10-26 at 15:22 -0400, Todd Snyder wrote:<br>
> What version of bind, on what OS?<br>
><br>
</div>I use Debian 5.0 with bind 9.6-ESV-R1, but I also thought that the OS<br>
might have some security holes, so I tried FreeBSD 8.1 with BIND 9.7.1, but<br>
I still have the same problems.<br>
<div class="im"><br>
> There may be some things you can do with iptables to limit connections<br>
><br>
> <a href="http://www.debian-administration.org/articles/187" target="_blank">http://www.debian-administration.org/articles/187</a><br>
><br>
</div>I will just look into these, but I don't think iptables will be the ideal<br>
solution.<br>
<div><div></div><div class="h5">> I don't recall seeing anything native to BIND that would allow for limits per src.<br>
><br>
> t.<br>
><br>
> -----Original Message-----<br>
> From: bind-users-bounces+tsnyder=<a href="http://rim.com" target="_blank">rim.com</a>@<a href="http://lists.isc.org" target="_blank">lists.isc.org</a> [mailto:<a href="mailto:bind-users-bounces%2Btsnyder">bind-users-bounces+tsnyder</a>=<a href="http://rim.com" target="_blank">rim.com</a>@<a href="http://lists.isc.org" target="_blank">lists.isc.org</a>] On Behalf Of Kebba Foon<br>
> Sent: Tuesday, October 26, 2010 2:27 PM<br>
> To: <a href="mailto:bind-users@lists.isc.org">bind-users@lists.isc.org</a><br>
> Subject: limiting number of recursion/queries per IP address<br>
><br>
> Dear List,<br>
><br>
> Is it possible to limit the number of recursion/queries per IP address?<br>
> There is some kind of virus that's bombarding my DNS servers with a lot<br>
> of queries. I realize that whenever the total number of recursion<br>
> clients reaches 1000, DNS resolution stops working. I have increased the<br>
> recursive-clients to 10000 but still this does not help. Also, I<br>
> have increased the number of max open files on my OS, which at one point<br>
> was complaining about too many open files. Can someone please direct me<br>
> to how best to solve this problem? It's some kind of DDoS.<br>
><br>
> Thanks<br>
> Kebba<br>
><br>
> _______________________________________________<br>
> bind-users mailing list<br>
> <a href="mailto:bind-users@lists.isc.org">bind-users@lists.isc.org</a><br>
> <a href="https://lists.isc.org/mailman/listinfo/bind-users" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a><br>
><br>
</div></div></blockquote></div><br>
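A pf.conf sketch of the per-source limiting suggested in the reply above, for a FreeBSD resolver. This is an added example, not part of the thread or of the linked forum post; the interface name `em0`, the table name `dns_abusers` and every numeric limit are assumptions to be tuned against real traffic.

```conf
# Added example (constructed); interface, table name and limits are assumptions.
ext_if = "em0"

# Sources that exceeded the TCP limits below are collected here.
table <dns_abusers> persist

# Drop everything from sources already flagged.
block in quick on $ext_if from <dns_abusers>

# UDP DNS: cap the number of concurrent states a single source
# address may hold against this rule.
pass in on $ext_if inet proto udp from any to ($ext_if) port 53 \
    keep state (max-src-states 50)

# TCP DNS: cap concurrent connections and new-connection rate per
# source. Offenders are added to the table and their states flushed.
pass in on $ext_if inet proto tcp from any to ($ext_if) port 53 \
    flags S/SA keep state \
    (max-src-conn 20, max-src-conn-rate 15/5, \
     overload <dns_abusers> flush global)
```

`max-src-conn`, `max-src-conn-rate` and `overload` act only on TCP connections that complete the handshake, so UDP queries are bounded by `max-src-states` alone, and source addresses on UDP can be spoofed. Entries in the table persist until removed, for example with `pfctl -t dns_abusers -T expire 3600`.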