Geo. wrote:
I know this is kind of a crazy idea, but how about making cleaning up
all these infected machines the priority as a solution, instead of
defending your DNS from your infected clients? They not only affect
you, they affect the rest of us, so why should we give you a solution
to your problem when you don't appear to care about causing problems
for the rest of us?
Has anyone figured out a remote but lawful way to repair zombie machines?
Pete
George Roettger
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Luke
Sent: Friday, December 08, 2006 9:41 AM
To: [EMAIL PROTECTED]
Subject: DNS - connection limit (without any extra hardware)
Hi,
as a consequence of a virus spreading through my customer base, I often
receive big bursts of traffic on my DNS servers.
Unluckily, a lot of clients start to bomb my DNSs at a certain
hour, so I have a distributed attempt at denial of service.
I can't blacklist them on my DNSs, because the infected clients
are too many.
For this reason, I would like a DNS server to respond to at most
10 queries per second from every single IP address.
Does anybody know a solution, using just iptables/netfilter/kernel
tuning/BIND tuning, without using any hardware traffic shaper?
Thanks
Best Regards
Luke
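The per-source-IP limit Luke asks for can be done on the DNS host itself with the netfilter hashlimit match, no traffic-shaping hardware involved. The script below is an added example for this thread, not something posted by Luke or anyone else in it. It assumes a Linux kernel with the xt_hashlimit module and an iptables that accepts the `--hashlimit` option (the older spelling, still kept as an alias of `--hashlimit-upto`); the chain name, the 20-query burst and the 127.0.0.1 allow-list entry are constructed values. Run it with no argument to print the rules it would install, or with `apply` as root to install them.

```shell
#!/bin/sh
# Added example (not from the thread): rate-limit inbound UDP/53 queries per
# source IP using iptables hashlimit. Assumes xt_hashlimit is available and
# that --hashlimit (alias of --hashlimit-upto) is accepted by this iptables.

RATE="10/sec"          # sustained queries per second allowed per source IP (figure from the thread)
BURST="20"             # extra queries tolerated in a short burst (constructed value)
ALLOWLIST="127.0.0.1"  # space-separated resolvers that must never be limited (constructed value)
CHAIN="DNS_RATELIMIT"  # dedicated chain so the rules can be flushed on their own (constructed name)

# Emit the iptables commands, one per line, without executing anything.
dns_ratelimit_rules() {
    # Create the chain if missing, then start from an empty chain.
    echo "iptables -N $CHAIN 2>/dev/null || true"
    echo "iptables -F $CHAIN"
    # Known-good sources (large legitimate resolvers, monitoring) skip the limit.
    for ip in $ALLOWLIST; do
        echo "iptables -A $CHAIN -s $ip -j RETURN"
    done
    # Queries that stay under RATE (plus BURST), tracked per source IP, return
    # to INPUT and are answered normally ...
    echo "iptables -A $CHAIN -m hashlimit --hashlimit-name dns_per_ip --hashlimit-mode srcip --hashlimit $RATE --hashlimit-burst $BURST -j RETURN"
    # ... and anything above that rate from the same source is dropped.
    echo "iptables -A $CHAIN -j DROP"
    # Steer inbound UDP/53 through the chain; remove any earlier jump first so
    # re-running the script does not stack duplicates. TCP/53 is left alone
    # (assumption: the burst traffic is UDP, which is what infected clients send).
    echo "iptables -D INPUT -p udp --dport 53 -j $CHAIN 2>/dev/null || true"
    echo "iptables -I INPUT -p udp --dport 53 -j $CHAIN"
}

# Install the rules: feed the emitted lines to a shell that stops at the first failure.
dns_ratelimit_apply() {
    dns_ratelimit_rules | sh -e
}

case "${1:-}" in
    apply) dns_ratelimit_apply ;;
    *)     dns_ratelimit_rules ;;
esac
```

Two things to keep in mind when using this. The limit counts queries per source address, so a busy legitimate resolver (an ISP's caching server sitting in front of thousands of users) can exceed 10 queries per second on its own and must go in the allow-list, otherwise the rule will cut it off along with the infected hosts. And because UDP sources can be forged, a per-source limit only helps against clients that use their real address, which is the case for the infected customers described above but is not a general DDoS defence.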