define "fake" -- if you mean rfc1918, you can block the ranges at ingress, or with iptables or similar to avoid letting it hit bind at all.
-----Original Message----- From: pangj <pa...@riseup.net> Date: Wednesday, June 27, 2012 6:36 PM To: Tony Finch <d...@dotat.at> Cc: "bind-users@lists.isc.org" <bind-users@lists.isc.org> Subject: Re: prevent DNS attack > >> There is also a patch for BIND which can help: >> >> http://www.redbarn.org/dns/ratelimits > >Thank you. >The traffic is incoming, and the incoming IPs are fake, how will the >patch work to stop them? > >-- >Email/Jabber/Gtalk: pa...@riseup.net >Free DNS Hosting with www.DNSbed.com > > >_______________________________________________ >Please visit https://lists.isc.org/mailman/listinfo/bind-users to >unsubscribe from this list > >bind-users mailing list >bind-users@lists.isc.org >https://lists.isc.org/mailman/listinfo/bind-users _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
