On 2022-04-20 23:07, Richard T.A. Neal wrote:
Hi Hal,
In addition to this you might also want to look into Response Rate
Limiting. This may help to reduce the load on your DNS servers from
bad actors without having to play a cat & mouse game of spotting and
blocking them.
Response Rate Limiting
That's not in my version of bind-9.16.23.
Thanks anyway!
--
Hal King - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services
The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
Hi Hal,
In addition to this you might also want to look into Response Rate Limiting.
This may help to reduce the load on your DNS servers from bad actors without
having to play a cat & mouse game of spotting and blocking them.
Response Rate Limiting is explained in detail in the BIND ARM here (
***
You can turn on answer logging:
rndc answerlog
Apologies- I believe the above is likely specific to EIP DNS builds.
J
--
From: bind-users on behalf of King, Harold
Clyde (Hal) via bind-users
Date: Wednesday, April 20, 2022 at 3:29 PM
To: bind-users
Subject: How can I tell if a quiry is answered or denied
I'm trying to find bad actors stretching out my load on my main DNS server. I
can't tell from the query log if a host is denied an answer, or given an
answer. Also, can I get the answer in my logs? I got one great answer today,
maybe I'm pushing my luck, but I do feel lucky.
--
Hal King - h..
Thank you that did the trick!
--
Hal King - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services
The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
this is what I use with 9.18.1
named-compilezone -f raw -F text -o -
0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa
0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa.signed
On 04/20/2022 8:42 am, King, Harold Clyde (Hal) via bind-users wrote:
I need to read the reverse zone in txt and I'm not sure how to decode the file
with named-compilezone. Does anyone know the part I'm missing?
named-compilezone -f raw -F text -o
/etc/named/secondary/9.249.192.in-addr.arpa.db 9.249.192
/etc/named/secondary/9.249.192.in-addr.arpa.db
--
Hal King
Dan Mahoney writes:
We've seen a number of messages reported to us as having an isc.org "from"
address, and as having our dkim signatures, but the signatures failing to
verify, perhaps because a forwarder may have added a subject tag or
rewritten some other header. Of course, SPF also fails bec