[Pdns-users] DNS amplification attack advice

Stephane Bortzmeyer bortzmeyer at nic.fr
Wed May 30 07:53:27 UTC 2012

On Tue, May 29, 2012 at 04:32:23PM +0200,
 kalpesh thaker <kalpesh at webdevworld.com> wrote 
 a message of 252 lines which said:

> - max-tcp-connections set to 60
> - setup IPtables with a chain to reject udp/tcp connections 
> they seem to think they these IP address have all been spoofed for
> this amplification attack.

I'm confused. The attacker uses TCP or not? If yes, it is very
unlikely they were able to spoof the IP addresses.

More information about the Pdns-users mailing list