What are these entries in the log file - " query: . IN NS +"?
Tony Toews [MVP]
ttoews at telusplanet.net
Tue Jan 27 02:13:30 UTC 2009
Noel Butler <noel.butler at ausics.net> wrote:
>> How do I know I'm not answering those?
>>
>
>Since your on win, I can't help you, but whatever your packet monitor
>is, see if you are replying to their requests, even with a REFUSED
>response.
Thanks, I'll take a look using WireShark.
>> >It's a forged request asking you to participate in a DDoS thats been
>> >going on since last Wedensday,
>> >it's best if you firewall off your replies to those IP's so you don't
>> >participate in harming the innocent victims.
>>
>> I doubt the current firewall, the one built into Windows 2003 Server, is capable of
>> blocking specific IP addresses but I'll check.
>
>In that case maybe on your router? Apply a inbound request from them on
>port 53 udp only, that way you wont affect real traffic (hopefully)
>it does seemed to have died off dramatically here now.
We don't have a router in place. The Win 2003 box is directly attached to the
Internet.
Tony
--
Tony Toews, Microsoft Access MVP
Please respond only in the newsgroups so that others can
read the entire thread of messages.
Microsoft Access Links, Hints, Tips & Accounting Systems at
http://www.granite.ab.ca/accsmstr.htm
Tony's Microsoft Access Blog - http://msmvps.com/blogs/access/
More information about the bind-users
mailing list