29 Mar
2013
29 Mar
'13
7:24 a.m.
In message <20130329034419.GA26823@meh.net.nz>, Ben Aitchison writes:
That said, a lot of these amplifications attacks use ANY requests, which normal clients don't. And those could be rate limited down without effecting normal traffic I'm sure.
Ben.
And you need to learn that normal clients *do* issue type any queries. Blocking any queries would be easy if normal clients didn't issue any queries. You would have need controls added to nameserver to block them if there wern't normal clients issuing any queries. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org