Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] Annoying DoS

discuss AT

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] Annoying DoS

Chronological Thread 
  • From: Dean Gardiner <fuzeman91 AT>
  • To: discuss AT
  • Subject: Re: [opennic-discuss] Annoying DoS
  • Date: Thu, 18 Oct 2012 10:16:38 +1300

My ISP is clueless and doesn't care about it (first line support...) it will be a mission to get it blocked upstream.

On Oct 18, 2012 10:14 AM, "Dean Gardiner" <fuzeman91 AT> wrote:

For me I've had all incoming traffic on port 53 blocked since the start of the first DDoS but the incoming traffic still consumes my ISP connection which I can't do anything about.

On Oct 18, 2012 10:10 AM, "Alex Hanselka" <alex AT> wrote:
I highly suggest running if you do not already. It almost always catches these and reduces their damage to minimal. Also, iptables will only block the reply which is usually the largest part anyway. The request bandwidth will always be used unless it is blocked somewhere upstream.

On 2012-10-17 16:01, Martin C wrote:
day and noticed one IP doing a lot of lookups for the same domain over
and over again (

I thought nothing of it until

Hehe, I should clarify that I did think something of it, but fortunately
I have never experienced a DoS directly myself, so in the back of my
mind I thought the logs hinted at it, and I thought to myself that I
would wait a bit to see if it continued.

It did, so I got my old friend iptables to take care of it. A fourth IP
decided to make trouble soon after, which I believe is
from a local range, so I couldn't understand how it could be doing the
same things the other IPs were, but there it was.

You are a member of the OpenNIC Discuss list. You may unsubscribe by emailing

Archive powered by MHonArc 2.6.19.

Top of Page