In message <24810615.1012581411@[172.25.106.112]>, Mike Batchelor writes:

Stop allowing the world to recurse through your authoritative servers. This invites abuse.

Provide a separate set of servers for your customers to recurse through, which serve no authoritative data and which have access restricted to your own network and your customers'.

--On Saturday, January 19, 2002 1:59 PM -0500 Matt Martini <martini@invision.net> wrote:

...

-----BEGIN PGP SIGNED MESSAGE-----

I've been seeing some strange problems in DNS lately (named 8.2.4-REL) where the nameserver stops resolving certain sites. During investigation I noticed that my query rate is way up. Many more DNS requests than normal are hitting my servers. Is anyone else seeing anything like this?

You might be the intermediary in a DNS reflector attack (see http://www.icir.org/vern/papers/reflectors.CCR.01/index.html for details) --Steve Bellovin, http://www.research.att.com/~smb Full text of "Firewalls" book now at http://www.wilyhacker.com