Open DNS Resolver reflection attack Mitigation

Joe Maimon jmaimon at
Fri Jun 8 14:09:04 CDT 2012

Is there any publicly available rate limiting for BIND?

How about host-based IDS that can be used to trigger RTBH or iptables?

Google and Level3 manage to run open resolvers, why can't I?


