[45469] in North American Network Operators' Group
Re: DNS DOS increasing?
daemon@ATHENA.MIT.EDU (Mike Batchelor)
Fri Feb 1 19:37:31 2002
Date: Fri, 01 Feb 2002 16:36:51 -0800
From: Mike Batchelor <mikebat@tmcs.net>
To: "Matthew E. Martini" <martini@invision.net>, nanog@merit.edu
Message-ID: <24810615.1012581411@[172.25.106.112]>
In-Reply-To: <Pine.BSF.4.40L0.0201191354580.56649-100000@aeon.invision.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Errors-To: owner-nanog-outgoing@merit.edu
Stop allowing the world to recurse through your authoritative servers.
This invites abuse.
Provide a separate set of servers for your customers to recurse through,
which serve no authoritative data and which have access restricted to your
own network and your customers'.
--On Saturday, January 19, 2002 1:59 PM -0500 Matt Martini
<martini@invision.net> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> I've been seeing some strange problems in DNS lately (named 8.2.4-REL)
> where the nameserver stops resolving certain sites. During investigation
> I noticed that my query rate is way up. Many more DNS requests than
> normal are hitting my servers. Is anyone else seeing anything like this?
>
> Matt
>
>
> __________________________ http://www.invision.net/
> _______________________
>
> Matthew E. Martini, PE InVision.com, Inc. (631) 543-1000 x104
> Chief Technology Officer matt@invision.net (631) 864-8896 Fax
> _______________________________________________________________________pg
> p_
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 6.5.1i
>
> iQEVAwUBPEnCFmtXn16/JS7ZAQHZnAf9HUy+AtG7xOhKoHvPvjtESVdLLtw8ZKto
> xRkvSvzLIFUep77vi7w/CXQ7RBpoOrHMp1y1WFRMdwaVp4WWGk5qdiqcrtQiAyWn
> vmzP+VbaW3TT0jdRAdz98O1bW98GCZwLa9WR/xdO0bSQOvtCFuqV0P3XqGmTO0Jl
> fI7TViUzF6LpOcGGrTKxxj+A7rlOVVjCRozilZsMDKG9QVGZwdSG7/u8K+3U9mIq
> keyZKGRla1tFbVp4VXEaC6P0zdxh2OHqMTZSdd9nETQEFf9vUjR/ZUfXQfK5l3A9
> 4GCyAQ3VjhCFdt+xWBww2zh0c0F531eMrFCrrrU4jue4E+0Wuih89g==
> =+eIJ
> -----END PGP SIGNATURE-----
>
---
"The avalanche has already begun. It is too late for the pebbles to vote."
-- Kosh
