Botnet Malware issue on bind BIND 9.7.1-P2
WBrown at e1b.org
WBrown at e1b.org
Mon Dec 5 18:08:01 UTC 2011
jagan padhi wrote on 12/05/2011 12:16:19 PM:
> First of all i would like to know what all these .ws domians.due to
> this junk domain query CDNS servers load are getting very high.
>
> Yes There is a limit set in my CDND server,however out of 100 query
> 60 queries are coming for these junk domains.
>
Without the RPZ feature of bind 9.8, you could add a bogus zone for the
.ws domain to your servers. Either return an answer for *.ws as whatever
you want, or have just the SOA record. Either way, you're not waiting for
a recursive query to time out.
What kind of host is the source of the queries?
Confidentiality Notice:
This electronic message and any attachments may contain confidential or
privileged information, and is intended only for the individual or entity
identified above as the addressee. If you are not the addressee (or the
employee or agent responsible to deliver it to the addressee), or if this
message has been addressed to you in error, you are hereby notified that
you may not copy, forward, disclose or use any part of this message or any
attachments. Please notify the sender immediately by return e-mail or
telephone and delete this message from your system.
More information about the bind-users
mailing list