North American Network Operators Group
Re: DNS DOS increasing?
In message <[email protected][172.25.106.112]>, Mike Batchelor writes:
>
>Stop allowing the world to recurse through your authoritative servers.
>This invites abuse.
>
>Provide a separate set of servers for your customers to recurse through,
>which serve no authoritative data and which have access restricted to your
>own network and your customers'.
>
>--On Saturday, January 19, 2002 1:59 PM -0500 Matt Martini
><[email protected]> wrote:
>
>>
>> -----BEGIN PGP SIGNED MESSAGE-----
>>
>> I've been seeing some strange problems in DNS lately (named 8.2.4-REL)
>> where the nameserver stops resolving certain sites. During investigation
>> I noticed that my query rate is way up. Many more DNS requests than
>> normal are hitting my servers. Is anyone else seeing anything like this?

You might be the intermediary in a DNS reflector attack (see
http://www.icir.org/vern/papers/reflectors.CCR.01/index.html for details)

		--Steve Bellovin, http://www.research.att.com/~smb
		Full text of "Firewalls" book now at http://www.wilyhacker.com
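
One way to audit your own authoritative servers for the exposure discussed in this thread, as an added example that is not part of the original messages: build a recursion-desired query for a name the server is not authoritative for, then classify the reply header. The function names, labels and sample headers are assumptions made for this illustration; the sample replies are constructed, not captured traffic.

```python
import struct

RD, RA = 0x0100, 0x0080   # recursion desired / recursion available (RFC 1035)
QR = 0x8000               # set on responses

def build_query(name, qid=0x1234, qtype=1):
    """Build an RD=1 query for `name` (default type A, class IN)."""
    header = struct.pack("!HHHHHH", qid, RD, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def classify_response(resp, qid=0x1234):
    """Classify a reply to a query for a name outside the server's zones."""
    if len(resp) < 12:
        return "malformed"
    rid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", resp[:12])
    if rid != qid or not flags & QR:
        return "malformed"                 # wrong ID, or not a response
    rcode = flags & 0x000F
    if flags & RA and rcode == 0 and an > 0:
        return "open-recursion"            # it resolved a foreign name for us
    if flags & RA:
        return "recursion-advertised"      # RA set without an answer: check ACLs
    return "recursion-closed"              # REFUSED or plain referral, RA clear

def _hdr(flags, an=0, qid=0x1234):
    """Constructed 12-byte reply header for the samples below."""
    return struct.pack("!HHHHHH", qid, flags, 1, an, 0, 0)

# Constructed sample reply headers (hypothetical, for illustration only).
SAMPLES = {
    "answers for outsiders": _hdr(0x8180, an=1),  # QR RD RA, NOERROR, 1 answer
    "refuses outsiders":     _hdr(0x8105),        # QR RD, REFUSED
    "referral only":         _hdr(0x8100),        # QR RD, NOERROR, RA clear
}

if __name__ == "__main__":
    for label, resp in SAMPLES.items():
        print(f"{label:24} -> {classify_response(resp)}")
```

To use it against a live server, send `build_query()` output over UDP port 53 to your own authoritative server from a host outside your network and pass the reply to `classify_response()`.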