Just put an ACL filter on your bind config for recursive queries. This will make your DNS less susceptible to flash-crowd type attacks. Cisco has a short document about this:
http://www.cisco.com/web/about/security/intelligence/dns-bcp.html
Just check out the BIND-centric info; discard the rest.

regards,
-B

On Mon, Jan 14, 2013 at 1:06 PM, Gaurav Kansal <gaurav.kan...@nic.in> wrote:
> Dear All,
>
> I want to limit the DNS requests per IP source through iptables.
>
> I tried the following commands, but unfortunately didn't succeed.
>
>     -A RH-Firewall-1-INPUT -m udp -p udp --dport 53 -m state --state NEW -m recent --set --name DNSQF --rsource
>     -A RH-Firewall-1-INPUT -m udp -p udp --dport 53 -m state --state NEW -m recent --update --seconds 60 --hitcount 5 --name DNSQF --rsource -j DROP
>
> If anyone is using iptables for limiting DNS queries per IP, then please help me out.
>
> Thanks and Regards,
> Gaurav Kansal
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
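The recursion ACL the reply recommends, as an added named.conf example that is not from the thread or from the Cisco document. The network prefixes, the "trusted" ACL name, the zone and its file name are assumptions; the rate-limit block is an optional extra that needs a BIND build with RRL support.

```conf
// named.conf fragment (added example; not from the thread or the Cisco document).
// Addresses below are RFC 5737/3849 documentation prefixes: replace with your own.
acl "trusted" {
    127.0.0.1;
    ::1;
    192.0.2.0/24;        // assumed internal client network (IPv4)
    2001:db8::/32;       // assumed internal client network (IPv6)
};

options {
    directory "/var/named";
    recursion yes;

    // Only trusted clients may ask this server to recurse or read its cache.
    allow-recursion   { trusted; };
    allow-query-cache { trusted; };

    // Anyone may still query the zones this server is authoritative for.
    allow-query { any; };

    // Optional: Response Rate Limiting (BIND 9.10+, or 9.9.4 built with --enable-rrl).
    // Caps identical responses per client /24 (IPv4) or /56 (IPv6) per second.
    rate-limit {
        responses-per-second 5;
        window 5;
    };
};

zone "example.com" {
    type master;
    file "example.com.zone";   // assumed zone file; authoritative data stays reachable
};
```

After `rndc reload`, a client outside the ACL that asks for a name this server is not authoritative for gets REFUSED instead of a recursive lookup, so the server no longer amplifies traffic for arbitrary sources.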