North American Network Operators Group

Re: Malicious DNS request?

  • From: Joe Shen
  • Date: Tue May 17 20:49:07 2005

Paul,

I'm sorry if this is JUST to BIND or some other
specific software. But, IMHO this is just a sample
of requests which only generate NXDOMAIN responses.

According to someone's presentation on NANOG ("DNS
anomalies and their impact on DNS Cache Server"),
such records may be a type of attack. If we only rely on
caching to remove paient of CPU time, cache server
load will be increased. So, what I'm trying to ask
is, is there some mechanism proposed to deal with
such a problem? BIND is just a sample.

joe

--- Paul Vixie <[email protected]> wrote:
> 
> [email protected] (Joe Shen) writes:
> 
> > I'm using BIND9.2.5 & BIND9.3.1 on two Solaris boxes,
> > each box has two CPUs installed. It's found BIND8.4.6
> > running on one CPU could reach the throughput of
> > BIND9.*.* running on two CPUs.
> >
> > Could we improve server throughput or lower the
> > effect of those requests on NXDOMAIN?
> 
> yes.  but "we" isn't nanog.  can you take your bind-specific questions
> to a bind-related mailing list or newsgroup?  www.isc.org has pointers.
> -- 
> Paul Vixie
> 
