>> From: "Joe Wolf" <[EMAIL PROTECTED]> >> Subject: [IMail Forum] OT: Bombarded by bad DNS queries
>> Example: We run dns1.abcd.com on 1.1.1.1 and this guy has published = ns2.pornsite.com on our IP Address of 1.1.1.1 << Let's be specific - are you saying the root server for your name space (e.g., the .com root servers) point to YOUR name servers as the authoritative servers for these domains? If so, you can try contacting the customer service of the domain registrar who maintains these root entries. May be you can prove that this IP address is YOUR address space and that the IP WHOIS shows YOU as the administrator of that IP space and that you are formally notifying you of an ongoing DOS attack, which they are enabling by the use of the malicious NS record for that domain. Once they have been notified of a DOS, they may now be liable for not taking appropriate action and thus may have a procedure in place to alter the NS record. Otherwise try contacting ICANN to see if they can suggest what recourse you may have against a domain registrar who is notified of INVALID and malicious NS data (after all, it's pointing to a non-authoritative server, thus is clearly invalid) and does NOT take action. And yes, if you can block UDP/TCP packets at your border router, you'll be in control in the meantime. Best Regards, Andy To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
