Stopping ddos

[Grant Taylor]

On 8/2/22 2:02 PM, Robert Moskowitz wrote:
> Any best practices on this?

It looks like you're dealing with A queries for the root domain.  I've 
blocked this, and similar queries, via iptables firewall in the past.

Also, make sure that you apply the same BIND ACL to the cache that you 
do for queries.  --  I had a system that didn't have the same ACL and 
rogue clients were able to get things from the cache despite not being 
able to initiate the queries directly.



-- 
Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4017 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20220802/0fe2d363/attachment.bin>