North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Domain Name System protection
Joe Shen wrote: We noticed there is continous name resolution requestsIf the resolver caches are only supposed to be accessed from your IP space, I am sure you can easily throw in a router ACL to accept connections on port 53 only from these IPs. Oh, and filter out bogons at your borders while you are at it (like for example rfc1918 source addresses from outside your network) srs
|