On 7/04/2013 10:00, Nigel Allen wrote:
> I had been puzzling for a while why my combined mail/web/dns server was getting slower and slower until I realised my mistake. I had inadvertently left my named available for the entire world to do recursive queries on.
This means your server was likely participating as a reflector in the recent DDoS attack against Spamhaus. And likely other DDoS attacks too.
> I have since then fixed the problem by only allowing my 2 local networks the ability. My router (and with it my ADSL connection) however remains plagued with requests.
Consider using a DNS hosting service instead. All the good DNS providers (I use Linode and HE.net myself) can operate in slave mode, where they AXFR the zone from your DNS server (you can whitelist their slave IPs in your firewall).
I see very little reason for you to have a DNS server facing the Internet on an ADSL connection.
That said, I myself run an authoritative DNS server on ADSL. The difference is that mine wasn't misconfigured from the start, which means I haven't ended up on all sorts of botnet DNS server lists. Yours was, and as you can see, it still remains there even after you have fixed the problem.
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
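Added example (not from either poster): a BIND 9 named.conf excerpt showing the open-recursion setting behind the problem above beside the restricted form, plus the transfer ACL a slave-mode hosting provider would need. The ACL names, network ranges and secondary addresses are constructed placeholders.

```conf
// Added example, not part of the thread. Networks and addresses below are
// constructed placeholders; substitute your own.

// Hosts allowed to use this server as a recursive resolver
// (the poster's "2 local networks", constructed here).
acl "trusted" {
    127.0.0.1;
    192.168.1.0/24;
    192.168.2.0/24;
};

// Secondary (slave) servers allowed to AXFR our zones, e.g. a DNS hosting
// provider. Placeholder addresses; whitelist the same hosts in the firewall.
acl "secondaries" {
    203.0.113.10;
    203.0.113.11;
};

options {
    directory "/var/cache/bind";

    // --- Before (the misconfiguration, in effect): anyone on the Internet
    // can have this server resolve arbitrary names, so spoofed queries turn
    // it into a DDoS reflector. Kept only as a comment for comparison.
    //
    // recursion yes;
    // allow-recursion { any; };
    // allow-query { any; };

    // --- After: still answer authoritative queries for our own zones from
    // anywhere, but recurse and serve cached answers only for local nets.
    recursion yes;
    allow-recursion { trusted; };
    allow-query-cache { trusted; };
    allow-query { any; };

    // Zone transfers only to the known secondaries.
    allow-transfer { secondaries; };

    // Response Rate Limiting (available from BIND 9.9.4 / 9.10): caps
    // identical answers per client per second, which limits how much even
    // legitimate authoritative data can be amplified toward a spoofed victim.
    rate-limit {
        responses-per-second 5;
    };
};

// Authoritative zone (placeholder name) that the secondaries pull by AXFR.
zone "example.com" {
    type master;
    file "/etc/bind/db.example.com";
};
```

Check the result with `named-checkconf` before reloading; from a host outside the trusted networks, a recursive query should now return REFUSED rather than an answer.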
