n, 10 Jan 2016 14:14:42
From: Glenn English
To: debianUsers
Subject: OT misunderstood crackers
Resent-Date: Sun, 10 Jan 2016 19:30:09 + (UTC)
Resent-From: debian-user@lists.debian.org
I'm a self-taught admin (aka mild newbie), and I don't understand why people
would hit my DNS serve
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Jan 10, 2016 at 01:45:19PM -0700, Glenn English wrote:
>
> > On Jan 10, 2016, at 12:48 PM, wrote:
> >
[DNS amplification?]
> An interesting thought. But they don't get too far with the rate
> limiter in the packet filter -- I don't send a
> On Jan 10, 2016, at 12:48 PM, wrote:
>
> Perhaps some miscreants are trying to use/using your DNS server for
> DNS amplification attacks [1] (they use open DNS servers to multiply
> their DDOS (distributed denial of service) attack force by spoofing
> the sender's address in their request (th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Jan 10, 2016 at 12:14:42PM -0700, Glenn English wrote:
> I'm a self-taught admin (aka mild newbie), and I don't understand why people
> would hit my DNS servers thousands of times.
>
> I've got a limiter in iptables ('recent' module) that blo
I'm a self-taught admin (aka mild newbie), and I don't understand why people
would hit my DNS servers thousands of times.
I've got a limiter in iptables ('recent' module) that blocks and logs when
there are too many hits from one IP to my DNS servers (5 hits in 10 seconds, on
non-recursive BIND
5 matches
Mail list logo
