Hello,
About a week ago I started noticing 3,000 or more requests coming from several ips for the following DNS queries:
XX+/128.255.203.200/./ANY/ANY
XX+/193.201.105.4/./ANY/ANY
Those are just two examples, but each IP - I have about 20 of them now create 3,000 or more queries within several minutes. All the queries are exactly the same for ./ANY/ANY.....any idea what those queries are? or what they are trying to do?
Also how can I create an 'ipfw' rule to block an ip if XX amount of connections come in within XX amount of minutes/seconds?? Right now I manually block them, and yes those IP's try a day or so later to DNS bomb (?) my machine.
Thanks
---Peter--- _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
