> On Jan 10, 2016, at 12:48 PM, <to...@tuxteam.de> <to...@tuxteam.de> wrote:
>
> Perhaps some miscreants are trying to use/using your DNS server for
> DNS amplification attacks [1] (they use open DNS servers to multiply
> their DDOS (distributed denial of service) attack force by spoofing
> the sender's address in their request (the spoofed sender becomes the
> victim)

An interesting thought. But they don't get too far with the rate limiter in the packet filter -- I don't send anything back (to the spoofed sender), I just drop the packet.

Sorry to break their DDOS amplifier :-)

-- 
Glenn English
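
The effect described in this exchange, as an added example that is not part of either message: a per-source token bucket that silently drops over-limit queries, with the bytes that would reach a spoofed source compared with and without it. The limits, the 3000-byte response size, the addresses and the traffic are all constructed assumptions, not the poster's actual packet-filter settings.

```python
from collections import defaultdict

class SourceRateLimiter:
    """Per-source token bucket; over-limit queries are dropped, never answered."""

    def __init__(self, rate=5.0, burst=10.0):  # assumed limits: queries/s, bucket size
        self.rate, self.burst = rate, burst
        self.buckets = {}  # source address -> (tokens left, time last seen)

    def allow(self, src, now):
        tokens, last = self.buckets.get(src, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)  # refill
        allowed = tokens >= 1.0
        self.buckets[src] = (tokens - 1.0 if allowed else tokens, now)
        return allowed


def reflected_bytes(queries, response_size, limiter=None):
    """Bytes the server sends back to each claimed source address."""
    sent = defaultdict(int)
    for ts, src in queries:
        if limiter is None or limiter.allow(src, ts):
            sent[src] += response_size
        # else: silent drop, so nothing reaches the (possibly spoofed) source
    return dict(sent)


VICTIM, CLIENT = "192.0.2.10", "198.51.100.7"  # constructed documentation addresses

def constructed_traffic():
    """Constructed sample: 2 s of spoofed queries at 1000/s plus one normal client."""
    flood = [(i / 1000.0, VICTIM) for i in range(2000)]
    normal = [(0.0, CLIENT), (1.0, CLIENT)]
    return sorted(flood + normal)


if __name__ == "__main__":
    traffic = constructed_traffic()
    size = 3000  # assumed size in bytes of one amplified response
    print("no limiter:  ", reflected_bytes(traffic, size))
    print("with limiter:", reflected_bytes(traffic, size, SourceRateLimiter()))
```

The normal client keeps getting answers in both runs, while the spoofed address receives only the initial burst plus the slow refill.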