On 2014-04-14, Anthony K <akcentos at anroet.com> wrote: > > Be aware of DND DDoS Amplification attack *[0]* if you are running this > DNS at home as it can quickly deplete your bandwidth (if your ISP gives > you quotas per month). I use the following *[1]* to help stop these > queries. However, since I'm dropping these when they hit my router, I'm > still losing bandwidth but not at a terribly fast pace! > > Although the ISP can definitely stop such queries from getting to you, > it is not in their best interests and hence do nothing about it! How is it not in their best interests? They still have to waste their bandwidth and routing to route the packets across their network. If it's a particularly persistent attack I imagine they'd rather block them at their border. ...well, unless they get to charge you by the MB/GB. Last I heard that was more common outside the US. In that case I suppose they might prefer to get money from you rather than block the nuisance packets. (Even in this case I imagine they'd prefer to block a very large-scale DDoS, but those are probably rare against a typical home server.) --keith -- kkeller at wombat.san-francisco.ca.us