On Mon, 28 Dec 2015 17:20:22 +0000 Bob Roswell <[email protected]> wrote: > Hello - > > I am trying to block DNS ANY amplification attacks. My recursive > (they have to be) DNS servers are seeing hundreds of thousands of > queries like the ones below. The client IP addresses are all > different and likely forged.
Do they have to be recursive to everyone? You can narrow it down to small blocks of IP addresses if you want. That works a lot better. Perry -- Perry E. Metzger [email protected] ------------------------------------------------------------------------------ _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
