On 8/2/22 2:02 PM, Robert Moskowitz wrote:
Any best practices on this?
It looks like you're dealing with A queries for the root domain. I've blocked this, and similar queries, via iptables firewall in the past.
Also, make sure that you apply the same BIND ACL to the cache that you do for queries. -- I had a system that didn't have the same ACL and rogue clients were able to get things from the cache despite not being able to initiate the queries directly.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users