DNS DOS increasing?
Mike Batchelor
mikebat at tmcs.net
Sat Feb 2 00:36:51 UTC 2002
Stop allowing the world to recurse through your authoritative servers.
This invites abuse.
Provide a separate set of servers for your customers to recurse through,
which serve no authoritative data and which have access restricted to your
own network and your customers'.
--On Saturday, January 19, 2002 1:59 PM -0500 Matt Martini
<martini at invision.net> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> I've been seeing some strange problems in DNS lately (named 8.2.4-REL)
> where the nameserver stops resolving certain sites. During investigation
> I noticed that my query rate is way up. Many more DNS requests than
> normal are hitting my servers. Is anyone else seeing anything like this?
>
> Matt
>
>
> __________________________ http://www.invision.net/
> _______________________
>
> Matthew E. Martini, PE InVision.com, Inc. (631) 543-1000 x104
> Chief Technology Officer matt at invision.net (631) 864-8896 Fax
> _______________________________________________________________________pg
> p_
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 6.5.1i
>
> iQEVAwUBPEnCFmtXn16/JS7ZAQHZnAf9HUy+AtG7xOhKoHvPvjtESVdLLtw8ZKto
> xRkvSvzLIFUep77vi7w/CXQ7RBpoOrHMp1y1WFRMdwaVp4WWGk5qdiqcrtQiAyWn
> vmzP+VbaW3TT0jdRAdz98O1bW98GCZwLa9WR/xdO0bSQOvtCFuqV0P3XqGmTO0Jl
> fI7TViUzF6LpOcGGrTKxxj+A7rlOVVjCRozilZsMDKG9QVGZwdSG7/u8K+3U9mIq
> keyZKGRla1tFbVp4VXEaC6P0zdxh2OHqMTZSdd9nETQEFf9vUjR/ZUfXQfK5l3A9
> 4GCyAQ3VjhCFdt+xWBww2zh0c0F531eMrFCrrrU4jue4E+0Wuih89g==
> =+eIJ
> -----END PGP SIGNATURE-----
>
---
"The avalanche has already begun. It is too late for the pebbles to vote."
-- Kosh
More information about the NANOG
mailing list