Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] Sharp increase in DNS traffic.

discuss AT

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] Sharp increase in DNS traffic.

Chronological Thread 
  • From: mike <mike AT>
  • To: discuss AT
  • Subject: Re: [opennic-discuss] Sharp increase in DNS traffic.
  • Date: Sun, 19 Jun 2011 23:16:36 -0400
  • Envelope-to: discuss AT
  • List-archive: <>
  • List-id: <>

Hash: SHA1

Thanks for all the info Jeff, Yeah I'll temporarily turn logging back on
overnight here and try and get a picture of what's going on.

- --Mike

On 11-06-19 10:28 PM, Jeff Taylor wrote:
> We've had some small bits of discussion on IRC over the weekend regarding a
> flood of MX queries that result in errors. If you do any sort of logging
> on
> your server, see if you can pick out any trends.
> One known issue to check for that might account for your sudden activity...
> check to see if you have large blocks of DNS activity that all come in on
> port
> 25345 and are looking for If you are seeing this, someone is
> trying to
> use your server in an attempt to DDOS the creators of BIND (don't ask why,
> nobody has been able to figure that out)... I have a bash script you can
> run in
> the background that will automatically add and expire iptables rules to
> control
> the flow, however it requires that you have a log file showing the
> offending IP
> addresses. Send me an email or catch me on IRC if you need to use this.

Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla -


Archive powered by MHonArc 2.6.19.

Top of Page