[CentOS] DNS DoS attack
John R Pierce
pierce at hogranch.com
Fri Aug 17 05:18:19 UTC 2012
On 08/16/12 9:54 PM, Jussi Hirvi wrote:
>> Aug 17 07:41:38 mx2 named[6873]: client 205.145.64.200#53: query (cache) 'ripe.net/ANY/IN' denied
>> >Aug 17 07:41:38 mx2 named[6873]: client 204.10.45.5#53: query (cache) 'ripe.net/ANY/IN' denied
>> >Aug 17 07:41:38 mx2 named[6873]: client 78.40.35.212#53: query (cache) 'ripe.net/ANY/IN' denied
>> >Aug 17 07:41:38 mx2 named[6873]: client 207.207.3.126#53: query (cache) 'ripe.net/ANY/IN' denied
> Are there any ways to mitigate this, or do I just have to wait?
meh, if its coming from lots of random hosts, then fail2ban style
techniques won't work. I assume this is an authoritative name server?
does it have recursive queries disabled so it can only return results
for the domain(s) its authoritative for ?
--
john r pierce N 37, W 122
santa cruz ca mid-left coast
More information about the CentOS
mailing list