[dns-operations] DDOS/Collateral Damage BCPs
Barry Raveendran Greene
bgreene at senki.org
Thu Apr 15 16:43:19 UTC 2010
I'm working with a provider in Egypt whose DNS servers are getting
persistently whacked by an intentional DDOS or collateral damage from a SPAM
They are getting the normal vendor advise of "put a bigger firewall, DPI,
Loadbalancer." But, I usually find that this is not the best advice.
Q. Has anyone done any recent work on "architecture" guides for SP's DNS?
This crew is using bind, they are cluefull enough to break apart their
customer resolvers and the slaves, and are willing to make changes.
More information about the dns-operations