Re: prevent DNS attack

2012-06-28 Thread pangj
Do you realy mean 1 GByte? I dubt, your NS can handel this traffic... 1 Gbits. I was under attacking that time. 1 Gbits is nothing indeed. Last year the traffic was about 10 Gbits to my customer's DNS cluster. -- Email/Jabber/Gtalk: pa...@riseup.net Free DNS Hosting with www.DNSbed.com ___

Re: prevent DNS attack

2012-06-28 Thread With No Name
On Wed, June 27, 2012 11:20, pangj wrote: > DNS is very easy to be attacked. > My named service got 1G or more traffic of attack some time. > How can we take some steps to prevent them? Do you realy mean 1 GByte? I dubt, your NS can handel this traffic... :-D I have seen the statistics of my IS

Re: prevent DNS attack

2012-06-28 Thread Phil Mayers
On 06/28/2012 02:36 AM, pangj wrote: There is also a patch for BIND which can help: http://www.redbarn.org/dns/ratelimits Thank you. The traffic is incoming, and the incoming IPs are fake, how will the patch work to stop them? Read the archives that Tony pointed you at. There is much disc

Re: prevent DNS attack

2012-06-27 Thread pangj
define "fake" -- if you mean rfc1918, you can block the ranges at ingress, or with iptables or similar to avoid letting it hit bind at all. Yes I mean source-spoofed DDoS attack and I am reading this document: http://en.wikipedia.org/wiki/Ingress_filtering Is there a sample iptables script fo

Re: prevent DNS attack

2012-06-27 Thread Michael Hoskins (michoski)
define "fake" -- if you mean rfc1918, you can block the ranges at ingress, or with iptables or similar to avoid letting it hit bind at all. -Original Message- From: pangj Date: Wednesday, June 27, 2012 6:36 PM To: Tony Finch Cc: "bind-users@lists.isc.org" Subj

Re: prevent DNS attack

2012-06-27 Thread pangj
There is also a patch for BIND which can help: http://www.redbarn.org/dns/ratelimits Thank you. The traffic is incoming, and the incoming IPs are fake, how will the patch work to stop them? -- Email/Jabber/Gtalk: pa...@riseup.net Free DNS Hosting with www.DNSbed.com _

Re: prevent DNS attack

2012-06-27 Thread Tony Finch
pangj wrote: > > DNS is very easy to be attacked. > My named service got 1G or more traffic of attack some time. > How can we take some steps to prevent them? Incoming or outgoing? A number of people have been having this problem recently. You might want to join the dns-operations list: https://

Re: prevent DNS attack

2012-06-27 Thread WBrown
pa...@riseup.net wrote on 06/27/2012 05:20:32 AM: > DNS is very easy to be attacked. Yes it is > My named service got 1G or more traffic of attack some time. > How can we take some steps to prevent them? http://www.google.com/search?q=prevent+DNS+atttack Confidentiality Notice: This electro

prevent DNS attack

2012-06-27 Thread pangj
Hello, DNS is very easy to be attacked. My named service got 1G or more traffic of attack some time. How can we take some steps to prevent them? Thanks -- Email/Jabber/Gtalk: pa...@riseup.net Free DNS Hosting with www.DNSbed.com ___ Please visit http