[dns-operations] Limiting DNSSEC-based amplification attacks (Was: Weird TXT record

Stephane Bortzmeyer bortzmeyer at nic.fr
Wed Jun 22 08:14:00 UTC 2011

On Wed, Jun 22, 2011 at 09:06:29AM +0100,
 Simon Munton <Simon.Munton at communitydns.net> wrote 
 a message of 25 lines which said:

> iptables --limit or --hashlimit ?

Yes, rate-limiting outside of the name server seems reasonable. Now,
did any big DNS operator use it for real? Successes and failures,

More information about the dns-operations mailing list