hey,
I am currently in the process of dealing with water torture attacks on our cache DNS servers (<randomstring>.domain.com queries that never resolve and end up causing enormous upstream traffic, ultimately crushing the authoritative server for domain.com).
I wrote https://github.com/tarko/unbound-reqmon while ago to mitigate this issue. This will block the domain that is being used for the abuse.
PS! It will need constant attention because it will happily block co.uk, com.tw etc. at this point. The logic must really be improved if these attacks persist.
-- tarko _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
