Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] invalid A-record serv-fail spam/ddos

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] invalid A-record serv-fail spam/ddos


Chronological Thread 
  • From: "oVPN.to Support" <support AT ovpn.to>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] invalid A-record serv-fail spam/ddos
  • Date: Thu, 05 Jun 2014 13:17:45 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

find our full script here:
https://paste.d0wn.biz/53905be89a.txt

do as root:
paste into "iptables.sh"
do "chmod +x iptables.sh"
run with "./iptables.sh"

maybe openvz has problems with this rules, did not try.
with kvm and dedicateds working fine.

but, our dns is running dedicated (inside kvm), nothing more than DNS
inside this machine.
you should merge it into your iptables if you use any.
need help or more questions? join irc.ovpn.to/#ovpn.to

btw, most of you'll still see incoming traffic with tcpdump, unless
you are not filtering at firewall/gateway-level with FORWARD-rules,
but requests dont reach your DNS and you are not sending requests to
upstreams and no answers back.

i'll join freenode/#opennic later.

peace!
MrNice
oVPN.to
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJTkG34AAoJEEj9Y1FwqgyO60MH/2CNrNHfq0DsB2XukfbNsAyX
Wvsj48YktjrzZt4RfLJk/IALv2ju6tFSKLpPqU2I4ESE6skClVGT3LTyScKTtvuA
xb4uh9zy86lvCnHvhnSzFygXWaO1VmkUYO7HE2L0hYywZzpSGX1kye9Wgo/jc0hK
rG8Ql5EkKWkaLwuu65909jQ3wd7QzdhFPUJrJF8HpNCqzVoet5l3MoRn9F+sbg+x
jzMriwcnjjLm6gJCWpd3/D7svfwf8Tgt1jskdjnK0tjMNA0A+MoGIQP5b4KxcJFt
CSPtDP9IL99sMquOl2/Cq/EgyPpCE7SjNLODQO54L17aBuep24rXjG4Ras4P5aY=
=jJnm
-----END PGP SIGNATURE-----



Archive powered by MHonArc 2.6.19.

Top of Page