Looks like one of my name servers (CentOS 5) gets a lot of malicious queries. The cpu load is constantly about 3 %. I put on stricter limits on who is allowed recursive queries, but this does not affect the CPU
load. I also updated bind.
I temporarily turned on querylog (command: rndc querylog), and noticed that I get over 200 queries like this per second:
Are there any ways to mitigate this, or do I just have to wait?
- Jussi
↧
DNS DoS Attack
↧
