I was having the same problem, I did place an iptables rule
2013/4/30 Jose Manuel Delgado G.
> I have isc.org attack."* isc.org internet *?".* It comes from my own
> clients that I have allowed in my ACL. The question is how to stop this
> attack? This causes my traffic on the interface is intense
Understood. I already have ACLs defined. So I can use
"rate-limit{exempt-clients{address-match-list}}; " statement to exclude my
client addresses from the RRL checks. Thanks.
Rohan
On Fri, 3 May 2013 20:13:47 GMT
Vernon Schryver wrote:
>> From:
>
>> >What if both authoritative and recursive
> From:
> >What if both authoritative and recursive are running on the same
> >server since RRL does not apply to recursive servers?
> Found the answer to below.
>
> According to isc-tn-2012-1.txt hybrid authority/recursive servers
> are out of scope.
I disagree. What isc-tn-2012-1.txt says is
On 05/03/2013 11:44 AM, rohan.he...@cwjamaica.com wrote:
What if both authoritative and recursive are running on the same server
That's a simple answer, don't do that.
Doug (ever)
Found the answer to below.
According to isc-tn-2012-1.txt hybrid authority/recursive servers are out of
scope.
On Fri, 03 May 2013 13:44:01 -0500
wrote:
>What if both authoritative and recursive are running on the same server since
>RRL does not apply to recursive servers?
>
>Rohan
>
>On Fri
What if both authoritative and recursive are running on the same server since
RRL does not apply to recursive servers?
Rohan
On Fri, 3 May 2013 18:19:27 GMT
Vernon Schryver wrote:
>> From:
>
>> So based on the response below how critical is it to implement
>> RRL via Bind RRL patch provided t
> From:
> So based on the response below how critical is it to implement
> RRL via Bind RRL patch provided the servers resources are available?
Even if I knew which server resources are at issue (I don't), I think
you must decide for yourself whether to install RRL and if so, how
urgently.
> A
- Original Message -
> > From: "Lawrence K. Chen, P.Eng."
>
> > So does rate limiting cover when the attacker walks my DNS zone to
> > attack an IP?
>
> that depends on what is meant by "rate limiting" and "walking a DNS
> zone".
>
> Simple rate limiting that counts all requests oste
So based on the response below how critical is it to implement RRL via Bind RRL
patch provided the servers resources are available? And where do I download
this patch?
Rohan
On Thu, 2 May 2013 22:16:51 GMT
Vernon Schryver wrote:
>> From: "Lawrence K. Chen, P.Eng."
>
>> So does rate limiting
> From: "Lawrence K. Chen, P.Eng."
> So does rate limiting cover when the attacker walks my DNS zone to
> attack an IP?
that depends on what is meant by "rate limiting" and "walking a DNS zone".
Simple rate limiting that counts all requests ostensibly from a
single IP address regardless of (qna
- Original Message -
> > Patch BIND to include the RRL (Response Rate Limiting) patches
> > (http://www.redbarn.org/dns/ratelimits), blackhole/ignore those
> > clients requesting.
>
> The fact that Response Rate Limiting (RRL) does not blackhole/ignore
> clients is a feature and why it i
> Patch BIND to include the RRL (Response Rate Limiting) patches
> (http://www.redbarn.org/dns/ratelimits), blackhole/ignore those
> clients requesting.
The fact that Response Rate Limiting (RRL) does not blackhole/ignore
clients is a feature and why it is a better mitigation for DNS
Reflection Do
On Tue, 2013-04-30 at 22:07 +0100, Steven Carr wrote:
> You asked this question a few weeks ago.
>
> Patch BIND to include the RRL (Response Rate Limiting) patches
> (http://www.redbarn.org/dns/ratelimits), blackhole/ignore those
> clients requesting.
>
Many people will not compromise critical
On Tue, 30 Apr 2013, Jose Manuel Delgado G. wrote:
I have isc.org attack." isc.org internet *?". It comes from my own clients
that I have allowed in my ACL. The question is how to stop this attack?
This causes my traffic on the interface is intense and also up my CPU
percentage. that I can do t
You asked this question a few weeks ago.
Patch BIND to include the RRL (Response Rate Limiting) patches
(http://www.redbarn.org/dns/ratelimits), blackhole/ignore those
clients requesting.
On 30 April 2013 21:49, Jose Manuel Delgado G. wrote:
> I have isc.org attack." isc.org internet *?". It com
I have isc.org attack."* isc.org internet *?".* It comes from my own
clients that I have allowed in my ACL. The question is how to stop this
attack? This causes my traffic on the interface is intense and also up my
CPU percentage.
that I can do to prevent it??