Script-kiddie / client <IP> query (cache) '<host>/MX/IN' denied

[Dixon, Justin]

>> I would like to know if I can block hosts doing that at the level of
>> /etc/hosts.allow or should I do it at the level of Bind itself ?
> Use IPTables or add rules to your firewall. I don't believe that BIND
> pays any attention to /etc/hosts.allow

BIND has a "blackhole" option that will essentially perform the same
function...BIND will not even respond to IPs that are listed in the
blackhole statement in named.conf.

Check the BIND ARM for details on blackhole.

Thanks...

Justin Dixon