Discuss mailing list

[Falk Husemann <josen AT paketsequenz.de>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Lars,

Am 20.07.2012 15:52, schrieb Lars:
> Every hint is welcome - but up to now, I just wanted to let you 
> know, that you are not alone.

you're certainly not alone. There is ddos.pl from Jeff, which you can
find here:

http://wiki.opennic.glue/ddosDotPl

It doesn't require your bind to be logging. If you're after a quick
hack for rate limiting, I wrote something for dns query limiting using
my findings from the slowloris attack which also doesn't require
logging. It doesn't require any changes/work besides running the
script provided :)

His is the elegant princess, mine is (as always) the berserk ;-)

http://falkhusemann.de/blog/2012/06/dns-query-limits-mit-iptables-und-burstrate/

If you're (or someone else is) interested I'll translate it to English.

Greets,
Falk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJQCYrHAAoJEPPG1NATKThtnGkH/3aHMtcnizx6WGJtv+50E4ob
M2yNPB4qvMrVGrtfS+ae5Hjt+Ss0Pga1PGR5II4u5sv+LyXZGoPsRPyed5/G+JNw
Pl7qsPYsz2yizHUxs8ykwKD86HONfMcU1pWVkfv+G5FuvzkHMlW7d3AalRFxQrv1
4uGN2lp0Qjwd+q5BBHJxDIxMkqdhXpatYOxHwBydROmHCPiNDHcLLYfSxnHkFWUW
y09+CTV7hXYJE3An/3z5zenV50KmlLq+c2a830z/I4NHhIcDoTa5KqKOPXJeEPBQ
+nOYrLcGZaSShYqdSnjadL6BE0GaDVYqFp01Mig0CE6AAolp35QT0zY09DEc/Ns=
=dZf6
-----END PGP SIGNATURE-----