On 2022-04-20 23:07, Richard T.A. Neal wrote:
Hi Hal,
In addition to this you might also want to look into Response Rate
Limiting. This may help to reduce the load on your DNS servers from
bad actors without having to play a cat & mouse game of spotting and
blocking them.
Response Rate
That's not in my version of bind-9.16.23.
Thanks anyway!
--
Hal King - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services
The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
Hi Hal,
In addition to this you might also want to look into Response Rate Limiting.
This may help to reduce the load on your DNS servers from bad actors without
having to play a cat & mouse game of spotting and blocking them.
Response Rate Limiting is explained in detail in the BIND ARM here
***
You can turn on answer logging:
rndc answerlog
Apologies- I believe the above is likely specific to EIP DNS builds.
J
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid
From: bind-users on behalf of King, Harold
Clyde (Hal) via bind-users
Date: Wednesday, April 20, 2022 at 3:29 PM
To: bind-users
Subject: How can I tell if a quiry is answered or denied
I'm trying to find bad actors stretching out my load on my main DNS server I
can't tell from the query log
I'm trying to find bad actors stretching out my load on my main DNS server I
can't tell from the query log if a host is denied an answer, or given an
answer. Also, can I get the answer in my logs? I got one great answer today,
maybe I'm pushing my luck, but I do feel lucky.
--
Hal King -
6 matches
Mail list logo