Noel Butler <noel.but...@ausics.net> wrote: >> How do I know I'm not answering those? >> > >Since your on win, I can't help you, but whatever your packet monitor >is, see if you are replying to their requests, even with a REFUSED >response.
Thanks, I'll take a look using WireShark. >> >It's a forged request asking you to participate in a DDoS thats been >> >going on since last Wedensday, >> >it's best if you firewall off your replies to those IP's so you don't >> >participate in harming the innocent victims. >> >> I doubt the current firewall, the one built into Windows 2003 Server, is >> capable of >> blocking specific IP addresses but I'll check. > >In that case maybe on your router? Apply a inbound request from them on >port 53 udp only, that way you wont affect real traffic (hopefully) >it does seemed to have died off dramatically here now. We don't have a router in place. The Win 2003 box is directly attached to the Internet. Tony -- Tony Toews, Microsoft Access MVP Please respond only in the newsgroups so that others can read the entire thread of messages. Microsoft Access Links, Hints, Tips & Accounting Systems at http://www.granite.ab.ca/accsmstr.htm Tony's Microsoft Access Blog - http://msmvps.com/blogs/access/ _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
