Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] Sustained attack from 77.50.*

discuss AT

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] Sustained attack from 77.50.*

Chronological Thread 
  • From: Julien Champenois <juchampenois AT>
  • To: discuss AT
  • Subject: Re: [opennic-discuss] Sustained attack from 77.50.*
  • Date: Sat, 21 May 2016 19:02:41 +0200

Thanks for the info.

Le 21 mai 2016 6:48 PM, "Jeff Taylor" <shdwdrgn AT> a écrit :
I have been getting hit by a sustained attack from for the past 5 hours, completely saturating my outgoing bandwidth.  This is despite my T1 only allowing recursion from opennic servers, and my T2 only allowing whitelisted users, so I'm not exactly sure how they got around that...

The attack queries are searching for ANY +E.  The domains being hit are listed below, and they are just being cycled through continuously.

Use this line to completely block the range of IP's if you also see this problem:
# iptables -I INPUT -s -j DROP

You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing discuss-unsubscribe AT

Archive powered by MHonArc 2.6.19.

Top of Page