Good deal - let me know if you have any issues!
On Thu, Feb 27, 2014 at 3:33 PM, David R. Wilson <[email protected]> wrote: > Thanks Wesley, > > That helps a bunch. In this case it is a Centos box, but I don't think > that is going to cause any problems. > > Dave > > On Thu, 2014-02-27 at 13:19 -0600, Wesley Duffee-Brahun wrote: > > Hi Dave, > > > > > > Here is a link about someone who went through your scenario with a DNS > > server and DDOS > > > > > > > https://www.debian-administration.org/article/Blocking_a_DNS_DDOS_using_the_fail2ban_package > > > > > > > > Debian, not sure what you are running, but Fail2Ban should be similar > > setup. > > > > > > - Wesley > > > > > > > > > > On Thu, Feb 27, 2014 at 1:15 PM, David R. Wilson <[email protected]> > > wrote: > > Thanks Guys, > > > > That is part of the problem. Charter as best I can tell > > refuses to > > block anything. The fail2ban program looks like it might > > work. It > > looks like just a ping to verify the address is legitimate and > > drop the > > packet if there is no response would be one way to do it. > > > > I will stare at the fail2ban program docs a bit and see what > > that is > > going to require. > > > > Dave > > > > On Thu, 2014-02-27 at 13:02 -0600, Tilghman Lesher wrote: > > > On Thu, Feb 27, 2014 at 12:29 PM, David R. Wilson > > <[email protected]> wrote: > > > > I have had a problem with non resolvable IP addresses > > hitting my DNS > > > > server (running BIND9) and eating up bandwidth. I am sure > > there is some > > > > instructions on how to assure the IP numbers resolve, but > > I apparently > > > > missed the instructions. > > > > > > > > Some of those addresses I put into firewall rules to drop > > the inquiry. > > > > Since then someone decided random IP addresses were more > > fun. Rate > > > > limiting doesn't seem to help. > > > > > > > > Anyone in the group have the short story on how to fix > > this? > > > > > > I'm guessing you're talking about non-routable addresses? > > Ultimately, > > > it's going to have to be solved by your upstream backbone > > provider, in > > > terms of blocking packets with forged source addresses, > > since that's > > > the nature of the problem. > > > > > > -- > > > Tilghman > > > > > > -- > > > > > > -- > > -- > > You received this message because you are subscribed to the > > Google Groups "NLUG" group. > > To post to this group, send email to > > [email protected] > > To unsubscribe from this group, send email to nlug-talk > > [email protected] > > For more options, visit this group at > > http://groups.google.com/group/nlug-talk?hl=en > > > > --- > > You received this message because you are subscribed to the > > Google Groups "NLUG" group. > > To unsubscribe from this group and stop receiving emails from > > it, send an email to [email protected]. > > For more options, visit > > https://groups.google.com/groups/opt_out. > > > > > > > > > > > > -- > > http://www.wesleyduffeebraun.com > > > > > > -- > > -- > > You received this message because you are subscribed to the Google > > Groups "NLUG" group. > > To post to this group, send email to [email protected] > > To unsubscribe from this group, send email to nlug-talk > > [email protected] > > For more options, visit this group at > > http://groups.google.com/group/nlug-talk?hl=en > > > > --- > > You received this message because you are subscribed to the Google > > Groups "NLUG" group. > > To unsubscribe from this group and stop receiving emails from it, send > > an email to [email protected]. > > For more options, visit https://groups.google.com/groups/opt_out. > > > -- > -- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/nlug-talk?hl=en > > --- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. > -- http://www.wesleyduffeebraun.com <http://www.ashevillephotobooth.com> -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
