[Pdns-users] protect using fail2ban

Andreas Tauscher ta at geuka.net
Thu Jan 30 16:19:46 UTC 2014


> In the past i had a dns flood so im trying to setup some firewall options.
> I found this on the list.
> But you say that is not the right way to do ?

As Aki Tuomi wrote: Are you absolutely sure you know what you are doing?

Most of DNS traffic is UDP. The sender address in such an flood might be
faked or normally is faked. By blocking it automatic you open the
possibility of an DOS attack to your legitimated users.

Andreas




More information about the Pdns-users mailing list