In article <mailman.87.1529956879.803.bind-us...@lists.isc.org>, Paul Kosinski <b...@iment.com> wrote:
> Somebody who has irresponsibly (and apparently wantonly, given his > refusal to fix it) delegated his domain(s) to your DNS server is > essentially causing a (modest bandwidth) distributed denial of service > attack on your server. I don't think that the "responsible" thing to do > is to sit there and suffer from a significantly increased load. Good luck getting him prosecuted under any kind of computer abuse law. That would be like calling the cops on a sibling who is poking you, claiming that it's assault. > What should be done is to get the domain(s) revoked if the owner > continues to refuse to remedy the problem: it is *he*, not you, who is > being irresponsible. And if the queries are coming via an innocent > ISP's resolver, then they are inadvertently assisting in the attack, > and should be contacted and asked to help in the remediation. (Note > that *their* resources, as well as yours, are being wasted.) I doubt any ISPs will do anything about it. It's probably negligible relative to their total DNS volume, and would be more trouble than it's worth to add filters to block it. The domain registrar is the place to go, I expect most of them have standard procedures for exactly this problem. -- Barry Margolin Arlington, MA _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
