<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><blockquote type="cite">Did you configure the server-down-max-fails ?</blockquote><div><br></div>Yeah, it's set at 32, but how does this setting mitigate this situation?<div><br></div><div>The subdomains are two levels deep and aren't repeated. Does the algorithm treat them individually or group them into their main domain?</div><div><br></div><div><blockquote type="cite"> Did you read<br><a href="http://blog.powerdns.com/2014/02/06/related-to-recent-dos-attacks-recursor-configuration-file-guidance/">http://blog.powerdns.com/2014/02/06/related-to-recent-dos-attacks-recursor-configuration-file-guidance/</a> ?</blockquote><div><br></div>Yes. And set to 512. This doesn't seem to have anything to do with what I'm seeing.</div><div><br></div><div>Cheers,</div><div>Greg<br><div>
<br class="Apple-interchange-newline"><span style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; display: inline !important; float: none;">--</span><br style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px;"><span style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; display: inline !important; float: none;">Please do not email me anything that you are not comfortable also sharing</span><span style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; display: inline !important; float: none;"> with the NSA.</span>
</div>
<br><div><div>On Jun 1, 2014, at 4:40 PM, Aki Tuomi <<a href="mailto:cmouse@youzen.ext.b2.fi">cmouse@youzen.ext.b2.fi</a>> wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite">On Sun, Jun 01, 2014 at 03:58:45PM -0500, okTurtles wrote:<br><blockquote type="cite">So on twitter I was pointed to this blog post about what seems to be about a related (or the same) attack:<br><br><a href="http://blog.powerdns.com/2014/04/03/further-dos-guidance-packages-and-patches-available/">http://blog.powerdns.com/2014/04/03/further-dos-guidance-packages-and-patches-available/</a><br><br>Now, I'm not clear on this however. Is the mitigation described in that link a solution to this problem?<br><br>I updated to 3.6RC1 and the good news is that the throttled percentage has gone up from 0% to 30%.<br></blockquote><br>Did you configure the server-down-max-fails ? Did you read<br><a href="http://blog.powerdns.com/2014/02/06/related-to-recent-dos-attacks-recursor-configuration-file-guidance/">http://blog.powerdns.com/2014/02/06/related-to-recent-dos-attacks-recursor-configuration-file-guidance/</a> ?<br><br>Aki Tuomi<br></blockquote></div><br></div></body></html>