On Wed 14/Apr/2021 00:37:22 +0200 Richard T.A. Neal wrote:
Julien Salort wrote:
Reading this thread, I considered simply enabling the fail2ban named-refused
jail, but they advise against it because it would end up blocking the victim
rather than the attacker.
I'm happy to be corrected by
On Wed, 2021-04-14 at 08:07 +, Richard T.A. Neal wrote:
>
> Just out of interest, because I run some services on OVH, I know what
> that term means. When you rent a dedicated server from OVH you are
> assigned a single IPv4 address. Let's assume that you then want to use
> VMware or Hyper-V
Of the small amount of name servers I run, each and every name server
has had persistent attacks (I guess) in the form of "(sl): query (cache)
'sl/ANY/IN' denied". These attacks appear to be originating from
legitimate ISP resolvers, but the majority of the attacks appear to be
drones/malware
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Tue, 2021-04-13 at 22:42 +, Richard T.A. Neal wrote:
> Yes, another individual & I were discussing this off-list today. We
> wonder if those queries are from malware on infected hosts that are
> trying to determine whether a given nameserver
4 matches
Mail list logo