[Pdns-users] DNS amplification attack advice
bortzmeyer at nic.fr
Wed May 30 07:53:27 UTC 2012
On Tue, May 29, 2012 at 04:32:23PM +0200,
kalpesh thaker <kalpesh at webdevworld.com> wrote
a message of 252 lines which said:
> - max-tcp-connections set to 60
> - setup IPtables with a chain to reject udp/tcp connections
> they seem to think they these IP address have all been spoofed for
> this amplification attack.
I'm confused. The attacker uses TCP or not? If yes, it is very
unlikely they were able to spoof the IP addresses.
More information about the Pdns-users