[dns-operations] DNS deluge for x.p.ctrc.cc
luc at fnet.fr
Wed Mar 1 19:58:21 UTC 2006
On Wed, Mar 01, 2006 at 12:49:11PM -0600, Nicholas Suan wrote:
| Geo. wrote:
| > Now the bots will simply spoof on the inside ISP network and use the local
| > dns servers. The way to stop that is to run a firewall between the dns
| > servers and their local clients (something almost nobody is going to do)
| Actually, the way to stop that is to place the filters on the router
| between the ISP and the client. Putting filters on every router isn't
| really necessary if you filter at the edge, instead of trying to do it
| somewhere in the middle. Most networks that I've seen, do the filtering
| there anyway.
And multi-homing ? Some client could have many ISP but using only one dns
servers. This server could see query from his client with unexpected address.
For this server is something like spoofing, but it's not.
More information about the dns-operations