Re: I'm having thousands of queries a domain isc.org and this increases my cpu percentage to 100%. That may be happening and how I can control this? is an attack? attachment of the log I made an updat

On 16/04/13 14:28, Denis Laventure wrote: Instead of blocking the source (which aren't even real - they're spoofed) why not just block access to your recursive resolver on port 53. I need my DNS server to resolve for my authoritative domain, I have 30+ domains here I can't block acces to port

RE: I'm having thousands of queries a domain isc.org and this increases my cpu percentage to 100%. That may be happening and how I can control this? is an attack? attachment of the log I made an updat

> Instead of blocking the source (which aren't even real - they're > spoofed) why not just block access to your recursive resolver on port 53. I need my DNS server to resolve for my authoritative domain, I have 30+ domains here I can't block acces to port 53. Denis _

Re: I'm having thousands of queries a domain isc.org and this increases my cpu percentage to 100%. That may be happening and how I can control this? is an attack? attachment of the log I made an updat

On 16/04/13 14:04, Denis Laventure wrote: These seems like some attack going on, after reading the mails i also check my recursive server and found a lot of these in my logs: my server is not an open recursive server its only open to my clients and these are not even from my country. Same her

RE: I'm having thousands of queries a domain isc.org and this increases my cpu percentage to 100%. That may be happening and how I can control this? is an attack? attachment of the log I made an updat

> These seems like some attack going on, after reading the mails i also check > my recursive server and found a lot of these in my logs: > my server is not an open recursive server its only open to my clients and > these are not even from my country. Same here, my DNS are open to my clients only

Re: I'm having thousands of queries a domain isc.org and this increases my cpu percentage to 100%. That may be happening and how I can control this? is an attack? attachment of the log I made an updat

On Tue, 2013-04-16 at 13:00 +0100, Phil Mayers wrote: > On 16/04/13 12:41, Kebba Foon wrote: > > > my server is not an open recursive server its only open to my clients > > and these are not even from my country. > > > > You're right, it's probably a spoofed-source DNS amplification attack. > >

Re: I'm having thousands of queries a domain isc.org and this increases my cpu percentage to 100%. That may be happening and how I can control this? is an attack? attachment of the log I made an updat

On 16/04/13 12:41, Kebba Foon wrote: my server is not an open recursive server its only open to my clients and these are not even from my country. You're right, it's probably a spoofed-source DNS amplification attack. If your DNS server isn't open (good to hear) you could consider just ACLi

Re: I'm having thousands of queries a domain isc.org and this increases my cpu percentage to 100%. That may be happening and how I can control this? is an attack? attachment of the log I made an updat

On Tue, 2013-04-16 at 05:27 -0400, Barry Margolin wrote: > In article , > Matus UHLAR - fantomas wrote: > > > they apparently expect your nameserver to provide resursive DNS service for > > your company while it may not be intended for that use... some customers > > (well, not only customers...

Re: I'm having thousands of queries a domain isc.org and this increases my cpu percentage to 100%. That may be happening and how I can control this? is an attack? attachment of the log I made an updat

In article , Matus UHLAR - fantomas wrote: > they apparently expect your nameserver to provide resursive DNS service for > your company while it may not be intended for that use... some customers > (well, not only customers...) do not understand the difference between > authoritative and recurs

Re: I'm having thousands of queries a domain isc.org and this increases my cpu percentage to 100%. That may be happening and how I can control this? is an attack? attachment of the log I made an updat

On 15.04.13 10:02, Jose Manuel Delgado G. wrote: Subject: I'm having thousands of queries a domain isc.org and this increases my cpu percentage to 100%. That may be happening and how I can control this? is an attack? attachment of the log I made an update to version 9.9.2-

Re: I'm having thousands of queries a domain isc.org and this increases my cpu percentage to 100%. That may be happening and how I can control this? is an attack? attachment of the log I made an updat

On 15.04.13 16:13, Denis Laventure wrote: I'm having the same problem but for those domains... hao.360.cn. openboxcdn.mobilem.360.cn. xliar.com. www.so.com. www.baidu.com. www.360.cn down.360.cn www.hao123.com 15-Apr-2013 15:00:08.485 security: info: client 117.21.187.20#52538:

RE: I'm having thousands of queries ...

> From: Denis Laventure > > Subject: RE: I'm having thousands of queries a domain isc.org and this > > increasesmy cpu percentage to 100%. That may be happening and how I > > can controlthis? is an attack? attachment of the log I made an update to > > version 9