1 Apr
2013
1 Apr
'13
4:19 p.m.
On Apr 01, 2013, at 11:55 , "Milt Aitken" <milt@net2atlanta.com> wrote:
Most of our DSL customers have modem/routers that resolve DNS externally. And most of those have no configuration option to stop it. So, we took the unfortunate step of ACL blocking DNS requests to & from the DSL network unless the requests are to our DNS servers.
Suboptimal, but it stopped the DNS amplification attacks.
Wow. Glad I'm not a customer of yours. * patrick@ianai.net (Patrick W. Gilmore) [Mon 01 Apr 2013, 18:04 CEST]:
I was going to suggest exactly this.
Don't most broadband networks have a line in their AUP about running servers?
Huh? No. Thankfully. Not all of us are mindless consumers. -- Niels.