On 08/08/2016 20:59, Frank Even wrote:
> Thanks for the info. Also I'll have to note that I completely missed
> that the "offending IP" is one of the .uk root servers so the next
> logical conclusion is I've probably got a box in one of my environments
> driving an amplification attack of some sor
Thanks for the info. Also I'll have to note that I completely missed that
the "offending IP" is one of the .uk root servers so the next logical
conclusion is I've probably got a box in one of my environments driving an
amplification attack of some sort or something at those IPs that I need to
figu
On 08/08/2016 18:43, Darcy Kevin (FCA) wrote:
> As already noted, allow-query will cause you to send back a REFUSED
> response. That’s sort of the whole point of the REFUSED RCODE.
>
>
>
> If you want to not send back any response **whatsoever**, then take a
> look at the “blackhole” statement,
As already noted, allow-query will cause you to send back a REFUSED response.
That’s sort of the whole point of the REFUSED RCODE.
If you want to not send back any response *whatsoever*, then take a look at the
“blackhole” statement, but, honestly, this kind of “drop” function may,
depending on
On 6 August 2016 at 21:41, Frank Even wrote:
> If an IP is not allowed as part of an "allow-query" statement, should the
> name server still be returning any responses?
I would have expected the response to be one of REFUSED.
___
Please visit https://li
5 matches
Mail list logo