Denial of Service
Dawn Connelly
dawn at zapata.org
Fri Feb 23 22:39:14 UTC 2007
If you aren't able to do the ISP or router/firewall blocking, you next option is
to set "blackhole" under your options settings
blackhole { <IP Address>; };
Quoting "jasonp at ndtel.com" <jasonp at ndtel.com>:
> This might best be handled by your ISP. Otherwise, consider setting an
> ACL on your router or blackhole those IPs.
>
> Nick Allum wrote:
> > Just had a quick question, at the Bind Level, if there was a possible
> > Denial of Service coming from only a handful of ip address, would I be
> > able just to use an ACL to deny these or will my servers still be
> > flooded as it has to process the ACL?
> > Of what would be the quickest and easiest way to reduce the effect of
> > some type of Denial of Service where I am getting large quantaties of
> > requests from the same group of IPS.
> >
> >
> > Thanks
> >
> >
> >
>
>
More information about the bind-users
mailing list