~mdw
/
firewall
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(from:
7dde20f
)
Rate limiting for incoming DNS queries over UDP.
author
Mark Wooding
<mdw@distorted.org.uk>
Fri, 8 Jun 2012 00:51:05 +0000
(
01:51
+0100)
committer
Mark Wooding
<mdw@distorted.org.uk>
Fri, 8 Jun 2012 00:51:05 +0000
(
01:51
+0100)
We provide DNSsec-signed responses, and could be used as a DDoS
amplifier. Apply rate-limiting to incoming traffic to mitigate this
effect.
This should be removed if and when BIND acquires its own more
intelligent rate-limiting.
No differences found
~mdw / firewall / commitdiff