Bind dns amplification attack
Matus UHLAR - fantomas
uhlar at fantomas.sk
Tue Mar 28 12:30:33 UTC 2023
On 28.03.23 18:48, Nyamkhand Buluukhuu wrote:
>Like below in named.conf:
>
>acl recclients {
> 43.228.128.2/32;
> 202.70.32.17/32;
> 103.29.147.0/29;
> 103.99.103.0/24; }
>
>allow-recursion { recclients; };
Great, this means that only clients with those IP addresses can query
your server for non-local information.
So, your server should NOT be part of Amplification attack.
(unless you run VERY OLD version of BIND)
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
2B|!2B, that's a question!
More information about the bind-users
mailing list