From: Paul Ezvan
Date: Thu, 28 Mar 2013 20:40:48 +0100
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] How to prevent a dns amplification attack

On 28/03/2013 17:53, Jarry wrote:
> On 28-Mar-13 9:51, Norman Rieß wrote:
>> Hello,
>>
>> I am using pdns recursor to provide a dns server which should be usable
>> for everybody. The problem is that the server seems to be used in dns
>> amplification attacks.
>> I googled around on how to prevent this but did not really find
>> something useful.
>>
>> Does anyone have an idea about this?
>
> Try to set up connection rate limiting using iptables...
>
> Jarry

Hi,

a good example, in French but the commands will be sufficient:
http://www.bortzmeyer.org/rate-limiting-dns-open-resolver.html

Paul