: matthewbhuff | Fax: 914-460-4139
> -Original Message-
> From: David Forrest [mailto:d...@maplepark.com]
> Sent: Wednesday, February 11, 2009 10:11 AM
> To: Matthew Huff
> Cc: 'bind-users@lists.isc.org'
> Subject: RE: loads of Query denied... is it an at
On Wed, 11 Feb 2009, Matthew Huff wrote:
I've been aware of this problem since it first came up on this and nanog's
list, but I'm having some configuration issues trying to make the upward
referrel be refused. I'm running bind-9.6.0P1, but I'm still seeing the NS
queries being answered in the lo
I've been aware of this problem since it first came up on this and nanog's
list, but I'm having some configuration issues trying to make the upward
referrel be refused. I'm running bind-9.6.0P1, but I'm still seeing the NS
queries being answered in the log:
11-Feb-2009 09:34:25.489 queries: client
An intelligently designed firewall rule that drops the incoming requests
isn't doing exactly what the attacker wants. It's the opposite. The
main effect of forged lookups is a response flood. And so it is also
intended to flood the victim with overwhelming amounts of DNS
responses. It, like any
Well...
> > I'll temporray block the ip on my firewall
>
> Very bad idea, since it is forged. You do exactly what the attacker
> wanted you to do.
> The proper thing to do is:
> https://www.dns-oarc.net/oarc/articles/upward-referrals-considered-harmful
>
this is kind of response I expect : an an
On Wed, Feb 11, 2009 at 01:21:35AM +0100,
Thomas Manson wrote
a message of 88 lines which said:
> I believed I was on bind mailing list, a mailing list is where you
> usually get some help... isn't it ?
You're right, it's a shame. Ask immediately for a refund, both for
your registration to th
On Wed, Feb 11, 2009 at 01:35:31AM +0100,
Thomas Manson wrote
a message of 80 lines which said:
> I'll temporray block the ip on my firewall
Very bad idea, since it is forged. You do exactly what the attacker
wanted you to do.
The proper thing to do is:
https://www.dns-oarc.net/oarc/article
someone answers me,
you could just have say search "reflector DoS attack" in the archive list,
this would have narrow down a lot my research.
I'll temporray block the ip on my firewall
On Wed, Feb 11, 2009 at 01:21, Mark Andrews wrote:
>
> In message ,
> Thoma
> s Manson writes:
> >
>
>
In message , Thoma
s Manson writes:
> --00163646c41c20dc350462999600
> Content-Type: text/plain; charset=UTF-8
> Content-Transfer-Encoding: 7bit
>
> That's some awesome answer... (did you get helped to elaborate it?)
>
> equivalent : google is your friend, search the RFCs
Feeding the er
In message , Thoma
s Manson writes:
>
The subject matter has been discussed in lots of detail
over the last month. Go read the archives of the mailing
list.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742
That's some awesome answer... (did you get helped to elaborate it?)
equivalent : google is your friend, search the RFCs
Then... read the list archives... I guess I can spend the next ten years if
I read it from the beginning
Could you give any clue of what to look for ?
I believed I was on
On Wed, Feb 11, 2009 at 00:51, Mark Andrews wrote:
>
>Please go read the list achives.
>
>Mark
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: mark_andr...@isc.org
>
_
Please go read the list achives.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: mark_andr...@isc.org
___
bind-users mailing list
bind-users@lists.isc.org
http
13 matches
Mail list logo