[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

DNS DoS ???

Subject: DNS DoS ???
From: rdobbins at arbor.net (Dobbins, Roland)
Date: Fri, 29 Jul 2011 22:39:46 +0000
In-reply-to: <CACRGtSOSPm12YE3S=n801ooun32VrXsRfP7yqO55kcHMSnss9A@mail.gmail.com>
References: <CACRGtSOSPm12YE3S=n801ooun32VrXsRfP7yqO55kcHMSnss9A@mail.gmail.com>

On Jul 30, 2011, at 1:51 AM, Elliot Finley wrote:

> my DNS servers were getting slow so I blocked recursive queries for all but my own network.

This should be the standard practice.  By operating an open recursor, you lend your DNS server to abuse as a contributor to DNS reflection/amplification attacks.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

		The basis of optimism is sheer terror.

			  -- Oscar Wilde

Follow-Ups:
- DNS DoS ???
  - From: drew.weaver at thenap.com (Drew Weaver)
- DNS DoS ???
  - From: frnkblk at iname.com (Frank Bulk)

References:
- DNS DoS ???
  - From: efinley.lists at gmail.com (Elliot Finley)

Prev by Date: SORBS contact
Next by Date: SORBS contact
Previous by thread: DNS DoS ???
Next by thread: DNS DoS ???
Index(es):
- Date
- Thread