: RE: Deny query from a single IP
Thanks Eric. Using blackhole option sounds like feasible option to block
a IP address. Instead of using the acl can I just use the option
blackhole
blackhole { xx.xx.xx.xx; };
The idea is to user file::tail perl module in a script to tail the stat
file
rt to
internet from such queries can be avoided but we can't avoid the incoming
queries from the attacker. So we will need to test this is determine how
effective is it.
--- On Thu, 2/26/09, Jeff Lightner wrote:
> From: Jeff Lightner
> Subject: RE: Deny query from a single IP
>
How about writing a firewall rule on the fly to block connections from that IP?
>>> Prabhat Rana 2/26/2009 9:18 AM >>>
Hello,
I have BIND 9.5running on a Solaris10 box. It provides recursive DNS service.
I'm trying to implement a script where it reads the BIND stats file for all the
incoming
To: prana9...@yahoo.com
Cc: bind-users@lists.isc.org
Subject: Re: Deny query from a single IP
It is better do this with a real IPS rather than use your DNS server to
do this. You should avoid having any unwanted traffic hit you DNS
servers ever.
Eric
Prabhat Rana wrote:
> Hello,
> I have BIND
It is better do this with a real IPS rather than use your DNS server to
do this. You should avoid having any unwanted traffic hit you DNS
servers ever.
Eric
Prabhat Rana wrote:
Hello,
I have BIND 9.5running on a Solaris10 box. It provides recursive DNS service.
I'm trying to implement a scri
Hello,
I have BIND 9.5running on a Solaris10 box. It provides recursive DNS service.
I'm trying to implement a script where it reads the BIND stats file for all the
incoming queries and if there are too many queries from a single user (source
IP) it will block queries from that particular IP. I
6 matches
Mail list logo
