[Pdns-users] Mitigating / stopping recent Denial of Service Attacks

okTurtles hi at okturtles.com
Mon Jun 2 00:32:54 UTC 2014


> Did you configure the server-down-max-fails ?

Yeah, it's set at 32, but how does this setting mitigate this situation?

The subdomains are two levels deep and aren't repeated. Does the algorithm treat them individually or group them into their main domain?

>  Did you read
> http://blog.powerdns.com/2014/02/06/related-to-recent-dos-attacks-recursor-configuration-file-guidance/ ?

Yes. And set to 512. This doesn't seem to have anything to do with what I'm seeing.

Cheers,
Greg

--
Please do not email me anything that you are not comfortable also sharing with the NSA.

On Jun 1, 2014, at 4:40 PM, Aki Tuomi <cmouse at youzen.ext.b2.fi> wrote:

> On Sun, Jun 01, 2014 at 03:58:45PM -0500, okTurtles wrote:
>> So on twitter I was pointed to this blog post about what seems to be about a related (or the same) attack:
>> 
>> http://blog.powerdns.com/2014/04/03/further-dos-guidance-packages-and-patches-available/
>> 
>> Now, I'm not clear on this however. Is the mitigation described in that link a solution to this problem?
>> 
>> I updated to 3.6RC1 and the good news is that the throttled percentage has gone up from 0% to 30%.
> 
> Did you configure the server-down-max-fails ? Did you read
> http://blog.powerdns.com/2014/02/06/related-to-recent-dos-attacks-recursor-configuration-file-guidance/ ?
> 
> Aki Tuomi

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20140601/94ca8990/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20140601/94ca8990/attachment-0001.sig>


More information about the Pdns-users mailing list