define "fake" -- if you mean rfc1918, you can block the ranges at ingress, or with iptables or similar to avoid letting it hit bind at all.
-----Original Message----- From: pangj <[email protected]> Date: Wednesday, June 27, 2012 6:36 PM To: Tony Finch <[email protected]> Cc: "[email protected]" <[email protected]> Subject: Re: prevent DNS attack > >> There is also a patch for BIND which can help: >> >> http://www.redbarn.org/dns/ratelimits > >Thank you. >The traffic is incoming, and the incoming IPs are fake, how will the >patch work to stop them? > >-- >Email/Jabber/Gtalk: [email protected] >Free DNS Hosting with www.DNSbed.com > > >_______________________________________________ >Please visit https://lists.isc.org/mailman/listinfo/bind-users to >unsubscribe from this list > >bind-users mailing list >[email protected] >https://lists.isc.org/mailman/listinfo/bind-users _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
