North American Network Operators Group

Re: DNS DOS increasing?

  • From: Steven M. Bellovin
  • Date: Fri Feb 01 20:45:57 2002

In message <[email protected][]>, Mike Batchelor writes:
>Stop allowing the world to recurse through your authoritative servers. 
>This invites abuse.
>Provide a separate set of servers for your customers to recurse through, 
>which serve no authoritative data and which have access restricted to your 
>own network and your customers'.
>--On Saturday, January 19, 2002 1:59 PM -0500 Matt Martini 
><[email protected]> wrote:
>> I've been seeing some strange problems in DNS lately (named 8.2.4-REL)
>> where the nameserver stops resolving certain sites. During investigation
>> I noticed that my query rate is way up. Many more DNS requests than
>> normal are hitting my servers. Is anyone else seeing anything like this?

You might be the intermediary in a DNS reflector attack (see for 

		--Steve Bellovin,
		Full text of "Firewalls" book now at
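
An added example, not part of the original message: one way to check from outside your own network whether one of your authoritative servers still offers recursion to the world, as the quoted advice warns against. It sends a single query with the RD bit set and reads the RA bit and RCODE of the reply; the function names and the result labels are assumptions of this sketch.

```python
import secrets
import socket
import struct
import sys

QR, RD, RA = 0x8000, 0x0100, 0x0080   # DNS header flag bits (RFC 1035)
REFUSED = 5                            # RCODE 5

def build_query(name, txid, qtype=1):
    """Encode a one-question query (default type A, class IN) with RD set."""
    header = struct.pack("!HHHHHH", txid, RD, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def classify(response, txid):
    """Judge from the reply header alone whether the server offered recursion."""
    if len(response) < 12:
        return "invalid"
    rid, flags = struct.unpack("!HH", response[:4])
    if rid != txid or not flags & QR:
        return "invalid"
    if flags & RA and (flags & 0x000F) != REFUSED:
        return "recursion-offered"
    return "no-recursion"

def probe(server, name, timeout=3.0):
    """Send one UDP query to server:53 and classify the reply."""
    txid = secrets.randbelow(0x10000)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, txid), (server, 53))
        try:
            data, _ = s.recvfrom(4096)
        except socket.timeout:
            return "no-reply"
    return classify(data, txid)

if __name__ == "__main__" and len(sys.argv) == 3:
    # usage: <ip of your own authoritative server> <a name it is NOT authoritative for>
    print(sys.argv[1], probe(sys.argv[1], sys.argv[2]))
```

A "recursion-offered" result for a name outside the server's zones, seen from an address that is not one of your customers', means the server is still recursing for outsiders.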