rrl can help. it has a separate quota for negative responses, usually on a source /24 basis that is narrow enough to encompass specific reflection victims.


Mahdi Adnan via Unbound-users wrote:

Im wondering how Unbound users are handling DGA and DGA like attacks.
Im running 20 Unbound servers and around 20% of response are NXDOMAIN,
for queries coming from my clients.
Anyone experienced this kind of attack before ? if so, how do you
protect your servers against it ? is there something Unbound can do ?


**Mahdi A. Mahdi*

-- P Vixie

Reply via email to