On Mon, 28 Dec 2015 17:20:22 +0000 Bob Roswell <brosw...@syssrc.com> wrote: > Hello - > > I am trying to block DNS ANY amplification attacks. My recursive > (they have to be) DNS servers are seeing hundreds of thousands of > queries like the ones below. The client IP addresses are all > different and likely forged.
Do they have to be recursive to everyone? You can narrow it down to small blocks of IP addresses if you want. That works a lot better. Perry -- Perry E. Metzger pe...@piermont.com ------------------------------------------------------------------------------ _______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
