Re: DDOS attack Bind 9.9 - P2

2013-05-02 Thread Lawrence K. Chen, P.Eng.
- Original Message -
> > Patch BIND to include the RRL (Response Rate Limiting) patches
> > (http://www.redbarn.org/dns/ratelimits), blackhole/ignore those
> > clients requesting.
>
> The fact that Response Rate Limiting (RRL) does not blackhole/ignore
> clients is a feature and why it i

Re: DDOS attack Bind 9.9 - P2

2013-05-02 Thread Vernon Schryver
> From: "Lawrence K. Chen, P.Eng."
> So does rate limiting cover when the attacker walks my DNS zone to
> attack an IP?

That depends on what is meant by "rate limiting" and "walking a DNS zone". Simple rate limiting that counts all requests ostensibly from a single IP address regardless of (qna

mistake or bug or error or user malfunction

2013-05-02 Thread Dorn Hetzel
I just finished installing bind 9.9.2-P2 on a windows 7 box to act as a local resolver for my 192.168.7 lan and to cache queries so they don't all have to go out over my satellite link... I think it seems likely that I have done something wrong, but I'm not sure what... named.conf looks like: op

Re: mistake or bug or error or user malfunction

2013-05-02 Thread Mark Andrews
Someone has installed an ordinary recursive server as a transparent DNS caching server and is intercepting your queries. This does not work. At a minimum a "transparent" DNS caching server needs to force recursion. It also needs to fake AA=1 in the responses. It also needs to pass through TSIG s