> > Personally I don't know why "dig -t any" would be a problem. It's > > not exactly the same as doing an axfr transfer of the zone - it still > > only gets limited information. > > They're the current query type du jour for DDoS amplification attacks, > which I assume the OP is experiencing.
The attackers have already diversified. TXT queries work just as well, e.g. against wroe.com. Blocking ANY queries is going to a rather short term "fix". Steinar Haug, Nethelp consulting, sth...@nethelp.no _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
