On Jun 10, 2012, at 10:59, Dobbins, Roland wrote: > On Jun 10, 2012, at 3:45 PM, Jim Reid wrote: > >> And why pick on my name server which has never done anyone any harm? > > They're just looking for ANY records, there's no rhyme or reason to it. > They're spoofing the IP address of the target they're attacking - they're > using your server for reflection/amplification. > > Do you really need to respond to ANY queries - especially when your servers > are being abused?
Are there any downsides to not responding to 'ANY' queries? A client should retry with a more focused query AFAIK, but does that actually happen in practice? Cya, Jona _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
