[Pdns-users] [HELP REQUEST] Heavy Mass-bombing against PowerDNS

Marc A. Runkel mrunkel at untangle.com
Thu Jun 9 21:18:03 UTC 2011


If your goal is to reduce the load on your server, I would install something like fail2ban and configure it to watch your pdns logs.  It pattern matches, so it should be trivial to do so. It can dynamically modify iptables rules to block requests from an "offending" IP.  See www.fail2ban.org. 

I wouldn't recommend doing an upgrade to your software (especially to a release candidate) while under "attack."

m.

On Jun 9, 2011, at 1:54 PM, kim Doff wrote:

> Hello,
> 
> I have PowerDNS Authoritative Server is 2.9.22 on Centos 5.5 32 bits.
> 
> I do not allow external recursion but I have had a brutal mass-bombing
> from China and Romania.
> 
> Jun 09 15:01:17 domain pdns[28541]: Not authoritative for 'adobe.com', 
> sending servfail to 93.113.174.225 (recursion was desired)
> 
> I want to install PowerDNS Authoritative Server Release Candidate is 3.0-rc2
> DNSSEC
> 
> How can I install it on Centos 5.5 32 bits?
> 
> I am a newbie.
> 
> Best Regards,
> 
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20110609/262191a1/attachment-0001.html>


More information about the Pdns-users mailing list