[ratelimits] ratelimits also for recursive queries?
Sven Michels
smichels at sectoor.de
Sun Sep 16 08:53:37 UTC 2012
Hi there,
i joined this list, as it seems (at least to me) the right place for my
question/suggestion.
I found the ratelimits patch and its quite usefull for authorative servers.
We also see attacks to our public dns servers, which we currently block or
limit in different ways. Since most of the attacks have the "same pattern",
which the ratelimit probably could also catch.
Crrently all attacks usually query a couple of well known domains. If the
ratelimits patch would be able to "filter" queries which asks rapidly for
the same (maybe specified) domain and the query is recursive, then we
probably would catch most of the attack requests.
Is there some interest in extending the patch that way?
Best regards,
Sven
--
sectoor GmbH - Sven Michels <*> eMail: smichels(at)sectoor.de
Geschaeftsfuehrer: Sven Michels <*> Web : http://www.sectoor.de
Huehnerweg 18 <*> Tel : +49 (0)69 9637 6000
D - 60599 Frankfurt am Main <*> Fax : +49 (0)69 9637 6006
Amtsgericht Frankfurt / HRB 57106 <*> St.Nr.: 045 243 23058
More information about the ratelimits
mailing list