[dnsdist] Block Random queries
Aleš Rygl
ales at rygl.net
Wed Jun 8 13:55:43 UTC 2016
Hi Frederico.
It is imho almost impossible to block such queries.
They are usually running at low rates per client per second but from
many clients... I have already opened a feature request for a dynamic
rule that would allow to insert rules based on dnsdist statistics of
responses: https://github.com/PowerDNS/pdns/issues/3888
In the mean
time it could be done by an external script grabing topResponses from
dnsdist, analyzing them ans install a rule.
Regards
Ales
On Wed, 8
Jun 2016 13:53:37 +0100, Federico Olivieri wrote:
> Hi everybody,
>
> My server receives some random queries as xfz3421xc.domain.com [1],
jh65jj3e.domain2.com [2]
>
> Can someone suggests some LUA script to
block these kind of random queries?
>
> Thanks
>
> Federico
Links:
------
[1] http://xfz3421xc.domain.com
[2]
http://jh65jj3e.domain2.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20160608/e5b93b60/attachment.html>
More information about the dnsdist
mailing list