Problems with IPFW causing failed DNS and FTP sessions

Michael Sierchio kudzu at tenebras.com
Mon Apr 1 05:02:25 UTC 2013


On Sun, Mar 31, 2013 at 9:39 PM, Michael Powell <nightrecon at hotmail.com> wrote:

> I'm probably not smart enough to be able to help directly with your problem
> but I'd like to add that there is a snowballing DNS amplification DDoS
> attack against Spamhaus going on which is spilling over

Yes, this is very much true.  The ICANN servers are dropping packets
like mad, and many of the .com servers as well.  I am mirroring the
root zone locally to mitigate.

It works to forward DNS to Google's servers (8.8.8.8, 8.8.4.4) EXCEPT -
they are blocking some net blocks (issuing spurious negative
responses) because of large numbers of nets with hosts in the botnet
participating in the attack.

- M


More information about the freebsd-questions mailing list