Discuss mailing list

["oVPN.to Support" <support AT ovpn.to>]

found some more... run these iptables to clean your incoming
dns-traffic and dont let them use your DNS as ddos-machine!!


iptables --insert INPUT -p udp --dport 53 -m string --from 30 --to 58
--algo bm --hex-string '|04646c7131046e38373603636f6d00000100|' -j
DROP -m comment --comment "dlq1.n876.com"

iptables --insert INPUT -p udp --dport 53 -m string --from 30 --to 58
--algo bm --hex-string '|086161706c3438313505323132373103636f6d00|' -j
DROP -m comment --comment "21271.com"

iptables --insert INPUT -p udp --dport 53 -m string --from 30 --to 58
--algo bm --hex-string '|086b6472763036333905323132373603636f6d00|' -j
DROP -m comment --comment "21276.com"

iptables --insert INPUT -p udp --dport 53 -m string --from 30 --to 58
--algo bm --hex-string '|04646c71310339617103636f6d00|' -j DROP -m
comment --comment "dlq1.9aq.com"

iptables --insert INPUT -p udp --dport 53 -m string --from 30 --to 58
--algo bm --hex-string
'|05737377657702636f02756b0000ff000100002923280000|' -j DROP -m
comment --comment "sswew.co.uk"

iptables --insert INPUT -p udp --dport 53 -m string --from 30 --to 58
--algo bm --hex-string '|03777777076263616930303703636f6d0000|' -j
DROP -m comment --comment "bcai007.com"

oVPN.to Support:
> We have noticed heavy invalid A-record spam to *www.7098.com at the
> moment
> 
> this iptables helps:
> 
> iptables --insert INPUT -p udp --dport 53 -m string --from 30 --to
> 58 --algo bm --hex-string '|03777777043730393803636f6d0000010001|'
> -j DROP -m comment --comment "DROP www.7098.com"
> 
> 
> Best Regards oVPN.to
> 
> 
> 
> 
> 
> -------- You are a member of the OpenNIC Discuss list. You may
> unsubscribe by emailing
> discuss-unsubscribe AT lists.opennicproject.org
>