Hi Tony, On Tue, 2009-01-27 at 09:35, Tony Toews [MVP] wrote:
> Noel Butler <noel.but...@ausics.net> wrote: > > >This is not your config, so long as you are not answering thats fine. > > How do I know I'm not answering those? > Since your on win, I can't help you, but whatever your packet monitor is, see if you are replying to their requests, even with a REFUSED response. > >It's a forged request asking you to participate in a DDoS thats been > >going on since last Wedensday, > >it's best if you firewall off your replies to those IP's so you don't > >participate in harming the innocent victims. > > I doubt the current firewall, the one built into Windows 2003 Server, is > capable of > blocking specific IP addresses but I'll check. > In that case maybe on your router? Apply a inbound request from them on port 53 udp only, that way you wont affect real traffic (hopefully) it does seemed to have died off dramatically here now. Cheers
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users