Re: how to defense against ddos attack to dns?

2009-11-20 Thread Bryan Irvine
Basically, you have to have a big enough server/cluster of servers, to absorb an attack. No real defense from distributed dos. 2009/11/16 MontyRee : > > Hello, all. > > > I have operated some dns servers and I'm curious what should I do if > ddos attack to my dns servers. > > So do you know how

RE: how to defense against ddos attack to dns?

2009-11-20 Thread MontyRee
Hello, I tested some dns dos tool like dnstest (http://www.trsecurity.net/dnstest/). This program generates (1) lots of queries (2) queried domains are random (3) source ip can be spoofed to the destination. Below is an example (192.168.198.17 is victim): 07:09:11.658811 IP 167.187.119.211.450

Re: BIND Forum Membership

2009-11-20 Thread Doug Barton
Taylor, Gord wrote: > > The company I work for uses a vendor solution which implements BIND > under the hood, though it's abstracted with a GUI interface. Knowing > which bugs may exist in the current release of BIND would be nice to > know; for example, if it's a feature of BIND we use, we may w

Re: caching problems with bind 9.4.3

2009-11-20 Thread Doug Barton
Gil Vidals wrote: > Hello, > > I have a master and slave running bind 9.4.3, You should upgrade to version 9.4.3-P3 which has fixes for some security issues. > and there is a problem > with the outside world resolving new domains that I add to my name > servers. Here is the sequence: > > 1) add

Re: caching problems with bind 9.4.3

2009-11-20 Thread Warren Kumari
You haven't provided very much detail (e.g: example domains, your nameservers, config files, versions, dig +trace output, etc), but from first glance it sounds like your secondaries are not updating until you restart named. When you query a random nameserver there is a 50/50 chance (ok, wel

BIND Forum Membership

2009-11-20 Thread Taylor, Gord
The company I work for uses a vendor solution which implements BIND under the hood, though it's abstracted with a GUI interface. Knowing which bugs may exist in the current release of BIND would be nice to know; for example, if it's a feature of BIND we use, we may want to know about bugs before

caching problems with bind 9.4.3

2009-11-20 Thread Gil Vidals
Hello, I have a master and slave running bind 9.4.3, and there is a problem with the outside world resolving new domains that I add to my name servers. Here is the sequence: 1) add new domain 2) dig shows matching SOA and correct zone info. 3) wait two days 4) check a random name server such as o

Re: manage large dns record

2009-11-20 Thread Stephane Bortzmeyer
On Thu, Nov 19, 2009 at 03:40:32PM +0700, Sokvantha YOUK wrote a message of 44 lines which said: > Could you advise me what is the good way to manage large dns record > in zone file? You mean a large number of records, not a large single record? > I'm using bind v9, currently I need to add a

Re: Insecure response BIND 9.7.0b2

2009-11-20 Thread Stephane Bortzmeyer
On Fri, Nov 20, 2009 at 09:27:35AM +1100, Mark Andrews wrote a message of 34 lines which said: > There are also firewalls that block DNS/UDP responses bigger than 512 > bytes or block EDNS queries/responses 10 years after the > introduction of EDNS. There is also middleware that blocks/drops > DN