lot of 'ripe.net IN ANY +ED' queries
Marek Salwerowicz
marek_sal at wp.pl
Mon Jul 23 13:09:35 UTC 2012
W dniu 2012-07-23 14:33, Stephane Bortzmeyer pisze:
>
>> But is there any other solutions for that permanent attacks?
> The operators of F-root use this on their FreeBSD machines to
> rate-limit per source IP:
>
> add pipe 1 udp from any to any 53 in
> pipe 1 config mask src-ip 0xffffffff buckets 1024 bw 400Kbit/s queue 3
> add pipe 2 tcp from any to any 53 in
> pipe 2 config mask src-ip 0xffffffff buckets 1024 bw 100Kbit/s queue 3
It looks nice, as I can now block the traffic on my firewall, instead of
DNS server.
Thanks.
BTW - is this attack any new kind of virus/spyware or sth ?
--
Marek Salwerowicz
More information about the bind-users
mailing list