On Mon, Jan 19, 2009 at 11:41 AM, Christof Meerwald wrote:
> Is there anything a DNS server/PowerDNS can do to avoid being used as a DDoS
> reflector, like rate-limiting SERVFAILs per IP address? What's the general
> opinion?
For this particular attack you could set "send-root-referral=no"; that
Leen Besselink wrote:
Christof Meerwald wrote:
Hi,
since about Friday late evening I am seeing lots of pdns errors in my
syslog
like:
Not authoritative for '', sending servfail to 76.9.31.42 (recursion was
desired)
Over in comp.protocols.dns.bind there is already some discussion about
Christof Meerwald wrote:
Hi,
since about Friday late evening I am seeing lots of pdns errors in my syslog
like:
Not authoritative for '', sending servfail to 76.9.31.42 (recursion was
desired)
Over in comp.protocols.dns.bind there is already some discussion about these
DNS requests (which
Hi,
since about Friday late evening I am seeing lots of pdns errors in my syslog
like:
Not authoritative for '', sending servfail to 76.9.31.42 (recursion was
desired)
Over in comp.protocols.dns.bind there is already some discussion about these
DNS requests (which apparently use a spoofed so
