rrl can help. it has a separate quota for negative responses, usually on
a source /24 basis that is narrow enough to encompass specific
reflection victims.
re:
Mahdi Adnan via Unbound-users wrote:
Hi,
Im wondering how Unbound users are handling DGA and DGA like attacks.
Im running 20 Unbound servers and around 20% of response are NXDOMAIN,
for queries coming from my clients.
Anyone experienced this kind of attack before ? if so, how do you
protect your servers against it ? is there something Unbound can do ?
--
Respectfully*
**Mahdi A. Mahdi*
-- P Vixie
