rrl can help. it has a separate quota for negative responses, usually on a source /24 basis that is narrow enough to encompass specific reflection victims.

re:

Mahdi Adnan via Unbound-users wrote:
Hi,

Im wondering how Unbound users are handling DGA and DGA like attacks.
Im running 20 Unbound servers and around 20% of response are NXDOMAIN,
for queries coming from my clients.
Anyone experienced this kind of attack before ? if so, how do you
protect your servers against it ? is there something Unbound can do ?



--

Respectfully*
**Mahdi A. Mahdi*


-- P Vixie

Reply via email to