Hi All, We run a bunch of authoritative servers and have recently observed activity best described in a post we found here: https://isc.sans.edu/diary/DNS+ANY+Request+Cannon+-+Need+More+Packets/13261
Using the iptables rules posted as a comment by Network Mouse (in the above post), we've been able to reduce the amount of junk being sent to the target host. Most of the target hosts seem to be in Asia, just like those mentioned in the Sans post. The question I have for you all is: Is this something affecting other operators? How have you been dealing with it? Thanks in advance for your feedback. -Rob
_______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
