Basically, you have to have a big enough server/cluster of servers, to absorb an attack.
No real defense from distributed dos. 2009/11/16 MontyRee <chulm...@hotmail.com>: > > Hello, all. > > > I have operated some dns servers and I'm curious what should I do if > ddos attck to my dns servers. > > So do you know how to defense against dns dddos attack like root server? > > Surely, various ddos attack may be occurred. > > My idea is.. > > > -. filtering 53/udp traffic that the byte is over 512 byte > -. rate-limit against 53/udp queries > (but useless if the attack spoof the source ip) > -. deny recursion > -. anycast? > > > Is ther any comments or proposal? > > > Thanks in advance. > > > > > _________________________________________________________________ > 새로운 Windows 7: 일상 작업을 단순화하세요. 여러분에게 맞는 최상의 PC를 찾으세요. > http://windows.microsoft.com/shop > _______________________________________________ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
