* Klaus Darilion wrote: > Agreed. That's why I mentioned that our iptables based rate limiting > only mitigates the current ANY amplification attacks, not all kind of > attacks. I did see some attacks with repeated DNSKEY queries. Dampening catched them.