I'm having thousands of queries a domain isc.org and this increases my cpu percentage to 100%. That may be happening and how I can control this? is an attack? attachment of the log I made an update to version 9.9.2-P2 as recommended but still continuous problems.
Phil Mayers
p.mayers at imperial.ac.uk
Tue Apr 16 12:00:04 UTC 2013
On 16/04/13 12:41, Kebba Foon wrote:
> my server is not an open recursive server its only open to my clients
> and these are not even from my country.
>
You're right, it's probably a spoofed-source DNS amplification attack.
If your DNS server isn't open (good to hear) you could consider just
ACLing it at your network border.
Alternatively, you could consider the RRL patches to bind.
More information about the bind-users
mailing list