What are these entries in the log file - " query: . IN NS +"?
Barry Margolin
barmar at alum.mit.edu
Tue Jan 27 01:10:10 UTC 2009
In article <gllha9$2ote$1 at sf1.isc.org>,
"Tony Toews [MVP]" <ttoews at telusplanet.net> wrote:
> Gregory Hicks <ghicks at hicks-net.net> wrote:
>
>
> >> 2) What are they?
> >
> >They look like the DDoS being discussed on the NANOG list.
> >
> >Have you implemented BCP38? If not, why not...
>
> I have no idea what BCP38 is and how I can implement that. Would you be so
> kind as
> to supply links relevant to Windows 2003 Server?
BCP38 is not something you implement, it's something that has to be
implemented by the ISPs hosting the attacking systems. They have to
block forged source IPs from their customers.
Since there are many ISPs out there that are too lazy, incompetent, or
just don't care, where probably never going to be rid of these kinds of
attacks.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list