[dns-operations] what type of attack is this?
jim at rfc1035.com
Fri Aug 9 08:19:27 UTC 2013
On 9 Aug 2013, at 09:14, Ken Peng <pyh2 at att.net> wrote:
> My nameservers are auth-only. that means we are the auth-servers for that domain.
=> you have to answer those queries. If you think you're getting flooded, consider blacklisting the source IP addresses or using traffic shaping or applying DNS rate-limiting. Or some combination of these. You might try finding out who's sending the extra traffic and ask them to fix things.
More information about the dns-operations