In message f4058b15-888b-4cbd-b682-2ea2e1889...@stupendous.net, Nathan
Ollerenshaw writes:
On 21/01/2009, at 10:40 AM, Scott Haneda wrote:
Hello, looking at my logs today, I am getting hammered with these:
20-Jan-2009 15:39:06.284 security: info: client 66.230.160.1#48517:
query
On 24/01/2009, at 9:57 AM, Mark Andrews wrote:
You you don't also have blessed silence on the counters
on this rule there is still a problem and you should be
complaining to whoever is sending the packets to you.
This just stops the amplification it doesn't
On Thu, 2009-01-22 at 10:25 +1100, Mark Andrews wrote:
One way to test is to have a test box that sends spoofed traffic
to a machine you control.
Thanks, Mark.
That tells me pretty well what I needed to know, but
hoped not to hear: I have to build my own bot-net. 8-)
In article gl61mf$9h...@sf1.isc.org,
Mark Andrews mark_andr...@isc.org wrote:
In message fb979b33-df83-4460-a3e4-040cd165e...@newgeo.com, Scott Haneda
writ
es:
Is BCP 38 really as solid and plug and play as it sounds? In a
shared, or colo'd environment, can that ISP really deploy
On 20.01.09 17:52, Frank Bulk wrote:
That's being discussed on NANOG, here's one thread:
http://markmail.org/message/ydiqnztzmz5qmusf
See here for more details in blocking them:
http://www.cymru.com/Documents/secure-bind-template.html
specifically:
blackhole {
// Deny
On Wed, 2009-01-21 at 12:44 +1100, Mark Andrews wrote:
You should talk to your ISP to chase the traffic back to
its source and get BCP 38 implemented there. BCP 38 is ~10
years old now. There is no excuse for not filtering spoofed
traffic.
Absolutely.
In message 1232561124.6369.187.ca...@d410-heron, Niall O'Reilly writes:
On Wed, 2009-01-21 at 12:44 +1100, Mark Andrews wrote:
You should talk to your ISP to chase the traffic back to
its source and get BCP 38 implemented there. BCP 38 is ~10
years old now. There
Hello, looking at my logs today, I am getting hammered with these:
20-Jan-2009 15:39:06.284 security: info: client 66.230.160.1#48517:
query (cache) './NS/IN' denied
20-Jan-2009 15:39:06.790 security: info: client 66.230.128.15#31593:
query (cache) './NS/IN' denied
Repeated over and over,
To: BIND Users Mailing List
Subject: denied NS/IN
Hello, looking at my logs today, I am getting hammered with these:
20-Jan-2009 15:39:06.284 security: info: client 66.230.160.1#48517:
query (cache) './NS/IN' denied
20-Jan-2009 15:39:06.790 security: info: client 66.230.128.15#31593:
query (cache) './NS
On Jan 20, 2009, at 3:52 PM, Frank Bulk wrote:
That's being discussed on NANOG, here's one thread:
http://markmail.org/message/ydiqnztzmz5qmusf
See here for more details in blocking them:
http://www.cymru.com/Documents/secure-bind-template.html
specifically:
blackhole {
// Deny
...@iname.com
Cc: BIND Users Mailing List
Subject: Re: denied NS/IN
On Jan 20, 2009, at 3:52 PM, Frank Bulk wrote:
That's being discussed on NANOG, here's one thread:
http://markmail.org/message/ydiqnztzmz5qmusf
See here for more details in blocking them:
http://www.cymru.com/Documents/secure
In message 232b45f8-acd3-427a-95e9-bc3ca5fc9...@newgeo.com, Scott Haneda writ
es:
Hello, looking at my logs today, I am getting hammered with these:
20-Jan-2009 15:39:06.284 security: info: client 66.230.160.1#48517:
query (cache) './NS/IN' denied
20-Jan-2009 15:39:06.790 security: info:
On Jan 20, 2009, at 5:44 PM, Mark Andrews wrote:
In message 232b45f8-acd3-427a-95e9-bc3ca5fc9...@newgeo.com, Scott
Haneda writ
es:
Hello, looking at my logs today, I am getting hammered with these:
20-Jan-2009 15:39:06.284 security: info: client 66.230.160.1#48517:
query (cache) './NS/IN'
In message fb979b33-df83-4460-a3e4-040cd165e...@newgeo.com, Scott Haneda writ
es:
On Jan 20, 2009, at 5:44 PM, Mark Andrews wrote:
In message 232b45f8-acd3-427a-95e9-bc3ca5fc9...@newgeo.com, Scott
Haneda writ
es:
Hello, looking at my logs today, I am getting hammered with these:
14 matches
Mail list logo