--Original Message-
From: bind-users On Behalf Of Barry Margolin
Sent: Tuesday, June 26, 2018 10:42 AM
To: comp-protocols-dns-b...@isc.org
Subject: Re: Stopping name server abuse
In article ,
Paul Kosinski wrote:
> Somebody who has irresponsibly (and apparently wantonly, given his
> r
Most of your replies seem not to address the (immediately
preceding) paragraph they appear to be responding to.
On Mon, 25 Jun 2018 22:15:07 +0200
Reindl Harald wrote:
>
>
> Am 25.06.2018 um 22:01 schrieb Paul Kosinski:
> > Somebody who has irresponsibly (and apparently wantonly, given his
>
On Tue, Jun 26, 2018, at 11:54, Reindl Harald wrote:
>
>
> Am 26.06.2018 um 20:50 schrieb Dave Warren:
> > On Tue, Jun 26, 2018, at 11:47, Reindl Harald wrote:
> >>
> >> Am 26.06.2018 um 20:36 schrieb Dave Warren:
> >>> On Tue, Jun 26, 2018, at 11:27, Reindl Harald wrote:
>
>
> Am
On Tue, Jun 26, 2018, at 11:47, Reindl Harald wrote:
>
> Am 26.06.2018 um 20:36 schrieb Dave Warren:
> > On Tue, Jun 26, 2018, at 11:27, Reindl Harald wrote:
> >>
> >>
> >> Am 26.06.2018 um 20:18 schrieb Dave Warren:
> >>> At the end of the day, I doubt there is much you can do legally, the onl
Hi All,
I doubt any legal action would have any chance, of cause depending on
the country's law your using. The server is publicly accessible.
It's like prosecuting somebody for knocking on your public front door
to ask the way. (or for that matter salespeople) You only might have a
chance to put
On Tue, Jun 26, 2018, at 11:27, Reindl Harald wrote:
>
>
> Am 26.06.2018 um 20:18 schrieb Dave Warren:
> > At the end of the day, I doubt there is much you can do legally, the only
> > real solutions are technical by returning answers that will discourage
> > resolvers from asking as frequently
On Tue, Jun 26, 2018, at 01:28, Matus UHLAR - fantomas wrote:
> On 25.06.18 09:06, Dave Warren wrote:
> >Absent a situation where the customer has agreed to purchase this service,
> > the only result sending an invoice would have is that you have increased
> > your loss by adding wasted time, toner
In article ,
Paul Kosinski wrote:
> Somebody who has irresponsibly (and apparently wantonly, given his
> refusal to fix it) delegated his domain(s) to your DNS server is
> essentially causing a (modest bandwidth) distributed denial of service
> attack on your server. I don't think that the "resp
On Sun, Jun 24, 2018 at 04:30:08PM -0400, Alex wrote:
> We had a former customer who parked about 300 domains with his
> registry on our server but is no longer a customer and hasn't moved
> his domains. There aren't any hosts behind the domains.
>
> Is there anything more I can do to block/preven
Somebody who has irresponsibly (and apparently wantonly, given his
refusal to fix it) delegated his domain(s) to your DNS server is
essentially causing a (modest bandwidth) distributed denial of service
attack on your server. I don't think that the "responsible" thing to do
is to sit there and suff
On Sun, Jun 24, 2018, at 15:48, Mukund Sivaraman wrote:
> On Sun, Jun 24, 2018 at 04:30:08PM -0400, Alex wrote:
> > Hi,
> > We had a former customer who parked about 300 domains with his
> > registry on our server but is no longer a customer and hasn't moved
> > his domains. There aren't any hosts
In article ,
Paul Kosinski wrote:
> How does *not* responding to a UDP query take longer for the *server*
> than responding to UDP a query? Both responding and (deliberately) not
> responding require identifying the query, but not responding bypasses
> the time the server would need to construct
In article ,
"Browne, Stuart" wrote:
> If you're filtering on an upstream device that can do that level of analysis
> without hurting your network, then maybe, but once again, you're
> double-processing every legitimate query; you're only moving the cost to a
> different device.
An upstream
Am 25.06.2018 um 05:39 schrieb Paul Kosinski:
> Is it possible to get BIND not to respond at all, thereby causing
> a timeout on the query? That would perhaps reduce load more than
> NXDOMAIN or deleting the sone(s) would.
On Mon, 25 Jun 2018 15:32:44 +0200
Reindl Harald wrote:
timeouts are e
How does *not* responding to a UDP query take longer for the *server*
than responding to UDP a query? Both responding and (deliberately) not
responding require identifying the query, but not responding bypasses
the time the server would need to construct the response, plus time
spent in the network
jo...@hasig.de wrote:
> Am 24.06.2018 um 23:41 schrieb Barry Margolin:
> > jo...@hasig.de wrote:
> > >
> > > why dont you just delete the zones?
> >
> > That won't stop the queries from coming to the server.
>
> yes, but it minimizes the use of resources because the only answer is
> nxdomain.
If
or resources for them".
Stuart
> -Original Message-
> From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of
> Paul Kosinski
> Sent: Monday, 25 June 2018 1:40 PM
> To: bind-users@lists.isc.org
> Subject: Re: Stopping name server abuse
>
> Is
Is it possible to get BIND not to respond at all, thereby causing
a timeout on the query? That would perhaps reduce load more than
NXDOMAIN or deleting the sone(s) would.
On Mon, 25 Jun 2018 00:03:09 +0200
jo...@hasig.de wrote:
> yes, but it minimizes the use of resources because the only answer
On 25/06/2018 10:09, ma...@isc.org wrote:
> Sorry for the noise
What noise?
Your post is to the point and appropriate, lots of members of this list
may be in this situation and ignore it because they have NFI on what to
do, so you've helped them.
Though personally I have done a few times what
You could ask the registrar/root domain admins to point those domains
somewhere other than your server; or just delete them from the root
servers at their perogative. You might want to give your ex-customer a
final warning beforehand as to your intent. It might spur them into
actionand maybe
Sorry for the noise
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
You should just be able to ask the registries to remove the delegations
in a sane world as per RFC 1033.
COMPLAINTS
These are the suggested steps you should take if you are having
problems that you believe are caused by someone else's name server:
1. Complain privately to the responsi
On Sun, Jun 24, 2018 at 04:30:08PM -0400, Alex wrote:
> Hi,
> We had a former customer who parked about 300 domains with his
> registry on our server but is no longer a customer and hasn't moved
> his domains. There aren't any hosts behind the domains.
>
> Is there anything more I can do to block/
-users@lists.isc.org
Subject: Re: Stopping name server abuse
Unfortunately I don't think that there is, other than the nuclear option of
becoming authoritative and pointing them elsewhere.
That would be a jackass move though.
W
On Sun, Jun 24, 2018 at 3:30 PM Alex
mailto:mysqlstud..
yes, but it minimizes the use of resources because the only answer is nxdomain.
j.
Am 24.06.2018 um 23:41 schrieb Barry Margolin:
In article ,
jo...@hasig.de wrote:
hi,
why dont you just delete the zones?
That won't stop the queries from coming to the server.
In article ,
jo...@hasig.de wrote:
> hi,
> why dont you just delete the zones?
That won't stop the queries from coming to the server.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
f
hi,
why dont you just delete the zones?
j.
Am 24.06.2018 um 22:35 schrieb Warren Kumari:
Unfortunately I don’t think that there is, other than the nuclear option of
becoming authoritative and pointing them elsewhere.
That would be a jackass move though.
W
On Sun, Jun 24, 2018 at 3:30 PM Alex
Unfortunately I don’t think that there is, other than the nuclear option of
becoming authoritative and pointing them elsewhere.
That would be a jackass move though.
W
On Sun, Jun 24, 2018 at 3:30 PM Alex wrote:
> Hi,
> We had a former customer who parked about 300 domains with his
> registry o
Hi,
We had a former customer who parked about 300 domains with his
registry on our server but is no longer a customer and hasn't moved
his domains. There aren't any hosts behind the domains.
Is there anything more I can do to block/prevent them from continually
querying my system outside of just r
29 matches
Mail list logo
