On 12/07/12 16:48, sth...@nethelp.no wrote:
Personally I don't know why "dig -t any" would be a problem. It's
not exactly the same as doing an axfr transfer of the zone - it still
only gets limited information.
They're the current query type du jour for DDoS amplification attacks,
which I assume the OP is experiencing.
The attackers have already diversified. TXT queries work just as well,
e.g. against wroe.com. Blocking ANY queries is going to a rather short
term "fix".
Not unexpected. They are, sadly, not idiots, and are probably reading
the same mailing lists we are.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
