dns-operations AT lists.opennicproject.org
Subject: Dns-operations mailing list
List archive
- From: Joshua <devnull AT pfm.io>
- To: dns-operations AT lists.opennicproject.org
- Subject: Re: [opennic-dns-operations] DoS attacks, don´t know what to do anymore...
- Date: Wed, 25 Nov 2015 13:40:20 -0500
Hello,
If you throw these in your IPtables(if your using them) they should drop it.
-A OUTPUT -o eth0 -p udp -m string --algo bm --hex-string "|07|hehehey|02|ru"
-j DROP
-A OUTPUT -o eth0 -p udp -m string --algo bm --hex-string "|04|cspc|03|gov"
-j DROP
> On Nov 25, 2015, at 1:29 PM, <abraaocaldas AT gmail.com>
> <abraaocaldas AT gmail.com> wrote:
>
> Hello guys, i´m the operator of ns1.idf.fr.dns.opennic.glue , i´m happy with
> my 100% uptime but now i´m facing a pretty heavy DoS, a lot of queries with
> this:
>
>
> Query Name Count %
> --------------- --------- ------
> cpsc.gov 4819 24.7
> hehehey.ru 2374 12.2
>
>
> more than 4800 queries in less than 30 seconds. I put in action all the
> configurations to prevent this, but it keep coming more and more...
> Any advice?
>
> ----
> To unsubscribe, email dns-operations-unsubscribe AT lists.opennicproject.org
- [opennic-dns-operations] DoS attacks, don´t know what to do anymore..., abraaocaldas, 11/25/2015
- Re: [opennic-dns-operations] DoS attacks, don´t know what to do anymore..., Joshua, 11/25/2015
- Re: [opennic-dns-operations] DoS attacks, don´t know what to do anymore..., Abraão Caldas, 11/25/2015
- Re: [opennic-dns-operations] DoS attacks, don´t know what to do anymore..., Dev Null, 11/25/2015
- Re: [opennic-dns-operations] DoS attacks, don´t know what to do anymore..., Abraão Caldas, 11/25/2015
- Re: [opennic-dns-operations] DoS attacks, don´t know what to do anymore..., Dev Null, 11/25/2015
- Re: [opennic-dns-operations] DoS attacks, don´t know what to do anymore..., Abraão Caldas, 11/25/2015
- Re: [opennic-dns-operations] DoS attacks, don´t know what to do anymore..., Joshua, 11/25/2015
Archive powered by MHonArc 2.6.19.