Malicious DNS request?

• Previous message (by thread): Malicious DNS request?
• Next message (by thread): Malicious DNS request?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At 12:41 PM +0400 2005-05-12, Gadi Evron quoted Joe Shen:

>>  How could such request be filtered or minimize its
>>  affaction on DNS server?
>
>  Either this is a DDoS (woohoo!! I used the forbidden word) or you are
>  seeing a botnet trying to connect and putting in some smoke-screen while
>  at it to try and poison dns-top.
>
>  I'd suggest dropping requests for domains you don't hold.

	That's kind of hard to do if you're running a recursive/caching nameserver.

-- 
Brad Knowles, <brad at stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

   SAGE member since 1995.  See <http://www.sage.org/> for more info.

• Previous message (by thread): Malicious DNS request?
• Next message (by thread): Malicious DNS request?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]