DDOS attack Bind 9.9 - P2
Jay Ford
jay-ford at uiowa.edu
Tue Apr 30 21:17:03 UTC 2013
On Tue, 30 Apr 2013, Jose Manuel Delgado G. wrote:
> I have isc.org attack." isc.org internet *?". It comes from my own clients
> that I have allowed in my ACL. the question is how to stop this attack?
> this causes my traffic on the interface is intense and also up my cpu
> percentage. that I can do to prevent it??
Assuming "clients" means things you connect to the net...
If the queries are really from your clients, find & fix them. They are
probably attacking others in addition to you, so you'd be doing the rest of
the Internet a favor while solving your own problem.
If the traffic is spoofed as being from your clients, stop accepting traffic
from elsewhere sourced from your client address space.
________________________________________________________________________
Jay Ford, Network Engineering Group, Information Technology Services
University of Iowa, Iowa City, IA 52242
email: jay-ford at uiowa.edu, phone: 319-335-5555, fax: 319-335-2951
More information about the bind-users
mailing list