Defense against a client?
WBrown at e1b.org
WBrown at e1b.org
Tue Jan 17 13:42:47 UTC 2012
Tom Schmitt wrote on 01/16/2012 05:19:30 AM:
> I have a problem with the load on my Bind. Normally it's fine, but
> from time to time there are clients which causes through a
> misconfiguration or a failed local service (not intentionally) a
> very high amount of queries. After finding and informing the
> responsible person this problem is mostly solved in short time.
[snip]
> Is there such a possibility? I found nothing in the documentation.
> Or are there other ways to achive this? How do you guys do this?
Do you have an Intrusion Prevention System or can your network switches
limit the rate of connections to the DNS servers?
PLEASE! check what is normal traffic before implementing a limit. I have
an ugly tale about such a limit being imposed w/o baseline data and no
notice it was being implemented either. I now have DNS servers dedicated
to servicing my spam filters.
Confidentiality Notice:
This electronic message and any attachments may contain confidential or
privileged information, and is intended only for the individual or entity
identified above as the addressee. If you are not the addressee (or the
employee or agent responsible to deliver it to the addressee), or if this
message has been addressed to you in error, you are hereby notified that
you may not copy, forward, disclose or use any part of this message or any
attachments. Please notify the sender immediately by return e-mail or
telephone and delete this message from your system.
More information about the bind-users
mailing list