[Pdns-users] Mitigating / stopping recent Denial of Service Attacks

okTurtles hi at okturtles.com
Wed Jun 4 18:41:12 UTC 2014

On Jun 4, 2014, at 1:38 PM, bert hubert <bert.hubert at netherlabs.nl> wrote:

> You want a lot!

To be clear, a solution would be nice, but I'm not saying you have to provide it! :)

> "Feel free to implement it in Lua. The PowerDNS policy is not to implement
> attack specific anti-DoS logic in the core of the software, since attackers
> can cycle faster than folks can deploy our software. This means that 'attack
> detection based techniques' need to live in Lua.

In case it helps others, that quote is from this ticket about the same issue:


Maybe I'll get enough time to write a Lua script for this, if I do I'll post it here, but don't hold your breath yet...

If someone else decides to implement the script for dropping these queries please post it here!


Please do not email me anything that you are not comfortable also sharing with the NSA.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20140604/42850225/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20140604/42850225/attachment-0001.sig>

More information about the Pdns-users mailing list