discuss AT lists.opennicproject.org
Subject: Discuss mailing list
List archive
- From: Peter Green <peter AT greenpete.co.uk>
- To: Discuss <discuss AT lists.opennicproject.org>
- Subject: [opennic-discuss] Dos attack?
- Date: Thu, 08 Mar 2012 23:24:32 +0000
- Mail-reply-to: <peter AT greenpete.co.uk>
Hi,
I am getting this line in my named log about once per second...
"08-Mar-2012 23:10:30.885 client 212.227.135.196#80: query: isc.org IN ANY +ED (83.142.229.97)"
It seems to be an extremely close match to the attack mentioned here...
http://wiki.opennicproject.org/ddosBlock
That script seems to be aimed at port 25345 where as my log seems to show port 80.
Will Jeff's script help and if so, do I simply run it from crontab every second?
I am concerned this may start to impact the websites I am hosting on that server.
I have never added this server to the public list, and wonder why it's being targeted.
I hope someone can help.
Peter
- [opennic-discuss] Dos attack?, Peter Green, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Alex Hanselka, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Maximi89, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Peter Green, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Alex Hanselka, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Peter Green, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Julian DeMarchi, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Peter Green, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Julian DeMarchi, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Peter Green, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Alex Hanselka, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Peter Green, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Jeff Taylor, 03/09/2012
Archive powered by MHonArc 2.6.19.