From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 58B5D138010 for ; Thu, 28 Mar 2013 15:12:17 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 6A914E072C; Thu, 28 Mar 2013 15:12:07 +0000 (UTC) Received: from mail-wg0-f43.google.com (mail-wg0-f43.google.com [74.125.82.43]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id F20F8E06F7 for ; Thu, 28 Mar 2013 15:12:05 +0000 (UTC) Received: by mail-wg0-f43.google.com with SMTP id f12so1582076wgh.34 for ; Thu, 28 Mar 2013 08:12:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:content-type; bh=YfphB4mx9hIIpKrYaokdU9rBVBEHTWAIAAhDVFpdxaY=; b=ml/XjqLV9P0LGnVd5u6E9mwFk07nlBTsLpuVLUlDkDV34zuC/np3uskYct59D3dJHm 8ThvvVlnUHTc4B7u1Pjcbp5gktHghB6RCeuoFYRxcWR3t0jvw+Td6yqvMswrPt7XocsB 8H5RylT4IwiYSG4R+dIydGp/6/po0evekPa3YtsMxC4ZpuNyP8Yh19Q7DtpQOievj2AJ LgdHZD6Mtpvg2UpJwtQLH83jd9Ey2iafy6qet8ZUvaHxtGm6USmcltVf0QY5ldYlPMRi JNnYsAXL8eNhkjcnxOjTgDiubUk5Yg0oPmhHDprWoPKs8e2GegNYJcUm5/veMiVHorZz PXeg== Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 X-Received: by 10.180.185.197 with SMTP id fe5mr17207470wic.3.1364483524550; Thu, 28 Mar 2013 08:12:04 -0700 (PDT) Received: by 10.216.107.66 with HTTP; Thu, 28 Mar 2013 08:12:04 -0700 (PDT) Received: by 10.216.107.66 with HTTP; Thu, 28 Mar 2013 08:12:04 -0700 (PDT) In-Reply-To: <51540497.5020008@smash-net.org> References: <51540497.5020008@smash-net.org> Date: Thu, 28 Mar 2013 16:12:04 +0100 Message-ID: Subject: Re: [gentoo-user] How to prevent a dns amplification attack From: Volker Armin Hemmann To: gentoo-user@lists.gentoo.org Content-Type: multipart/alternative; boundary=001a11c34e9ec8620a04d8fd9309 X-Archives-Salt: a3e97e9b-ada1-4570-8701-0094f09ad3ae X-Archives-Hash: 59208dda4a3b865942bf85535ef1fdc4 --001a11c34e9ec8620a04d8fd9309 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Turn off this unnecessary crap? Am 28.03.2013 09:52 schrieb "Norman Rie=DF" : > Hello, > > i am using pdns recursor to provide a dns server which should be usable > for everybody.The problem is, that the server seems to be used in dns > amplification attacks. > I googled around on how to prevent this but did not really find > something usefull. > > Does anyone got an idea about this? > > Regards, > Norman > > --001a11c34e9ec8620a04d8fd9309 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable

Turn off this unnecessary crap?

Am 28.03.2013 09:52 schrieb "Norman Rie=DF&= quot; <norman@smash-net.org&= gt;:
Hello,

i am using pdns recursor to provide a dns server which should be usable
for everybody.The problem is, that the server seems to be used in dns
amplification attacks.
I googled around on how to prevent this but did not really find
something usefull.

Does anyone got an idea about this?

Regards,
Norman

--001a11c34e9ec8620a04d8fd9309--