<div dir="ltr">I will I need to remove ip's. </div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Oct 6, 2014 at 3:36 PM, Lightner, Jeff <span dir="ltr"><<a href="mailto:JLightner@dsservices.com" target="_blank">JLightner@dsservices.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Just posted named.conf entry examples in response to an earlier post.<br>
<br>
What you have looks ok to me but I don't use "-" in my acl names. Since "-" is valid for zone file names in named.conf it probably is OK for acl names and I mention it as the only noticeable difference that stood out to me in what you wrote.<br>
<span class=""><br>
<br>
<br>
-----Original Message-----<br>
From: <a href="mailto:ale-bounces@ale.org">ale-bounces@ale.org</a> [mailto:<a href="mailto:ale-bounces@ale.org">ale-bounces@ale.org</a>] On Behalf Of Horkan Smith<br>
Sent: Monday, October 06, 2014 3:16 PM<br>
To: Atlanta Linux Enthusiasts<br>
Subject: Re: [ale] Fwd: Under Attack, my dns servers<br>
<br>
</span><div><div class="h5">Can you share the lines where you control access (including recursion)? In my case, they look like:<br>
<br>
named.conf.options:<br>
allow-transfer { home-nets; domain-backups; };<br>
allow-recursion { home-nets; domain-backups; };<br>
allow-query { home-nets; domain-backups; };<br>
<br>
Where home-nets and domain-backups are defined as acls.<br>
<br>
later!<br>
horkan<br>
<br>
<br>
On Mon, Oct 06, 2014 at 12:03:39PM -0400, Chuck Payne wrote:<br>
> Guys,<br>
><br>
> I am under attack where my dns server is being used to do a ddos<br>
> attack. I believe it's a bot net, because the ip are too random. I<br>
> don't think the domain I am seeing in my bind log is real<br>
><br>
> fkfkfkfz.guru<br>
><br>
> 06-Oct-2014 11:23:28.146 client 92.222.9.179#49643: query:<br>
> fkfkfkfz.guru IN ANY +E (50.192.59.225)<br>
> 06-Oct-2014 11:23:28.146 client 92.222.9.179#49643: query (cache)<br>
> 'fkfkfkfz.guru/ANY/IN' denied<br>
> 06-Oct-2014 11:23:28.146 client 92.222.9.179#49643: drop REFUSED<br>
> response to <a href="http://92.222.9.0/24" target="_blank">92.222.9.0/24</a><br>
><br>
> I have turn on recursion, but now people can't find my domains any more.<br>
> I have also try to limit the rate as well<br>
><br>
> rate-limit {<br>
> responses-per-second 25;<br>
> window 5;<br>
> };<br>
><br>
><br>
> I am running Debian and openSUSE.<br>
><br>
> Anything I can do to stop them and make where people can find my<br>
> domains? I don't want to have to pay for something I can do and have control over.<br>
><br>
> --<br>
> Terror PUP a.k.a<br>
> Chuck "PUP" Payne<br>
><br>
> <a href="tel:678%20636%209678" value="+16786369678">678 636 9678</a><br>
> -----------------------------------------<br>
> Discover it! Enjoy it! Share it! openSUSE Linux.<br>
> -----------------------------------------<br>
> openSUSE -- Terrorpup<br>
> openSUSE Ambassador/openSUSE Member<br>
> skype,twiiter,identica,friendfeed -- terrorpup<br>
> freenode(irc) --terrorpup/lupinstein<br>
> Register Linux Userid: 155363<br>
><br>
> Have you tried SUSE Studio? Need to create a Live CD, an app you want<br>
> to package and distribute , or create your own linux distro. Give SUSE<br>
> Studio a try.<br>
><br>
><br>
><br>
><br>
> --<br>
> Terror PUP a.k.a<br>
> Chuck "PUP" Payne<br>
><br>
> <a href="tel:678%20636%209678" value="+16786369678">678 636 9678</a><br>
> -----------------------------------------<br>
> Discover it! Enjoy it! Share it! openSUSE Linux.<br>
> -----------------------------------------<br>
> openSUSE -- Terrorpup<br>
> openSUSE Ambassador/openSUSE Member<br>
> skype,twiiter,identica,friendfeed -- terrorpup<br>
> freenode(irc) --terrorpup/lupinstein<br>
> Register Linux Userid: 155363<br>
><br>
> Have you tried SUSE Studio? Need to create a Live CD, an app you want<br>
> to package and distribute , or create your own linux distro. Give SUSE<br>
> Studio a try.<br>
<br>
> _______________________________________________<br>
> Ale mailing list<br>
> <a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
> <a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
> See JOBS, ANNOUNCE and SCHOOLS lists at<br>
> <a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
<br>
<br>
--<br>
Horkan Smith<br>
<a href="tel:678-777-3263" value="+16787773263">678-777-3263</a> cell, <a href="mailto:ale@horkan.net">ale@horkan.net</a><br>
_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
<br>
</div></div>Athena(r), Created for the Cause(tm)<br>
<span class="">Making a Difference in the Fight Against Breast Cancer<br>
<br>
</span>__________________________________________________________<br>
<span class="im HOEnZb">CONFIDENTIALITY NOTICE: This e-mail may contain privileged<br>
<br>
or confidential information and is for the sole use of the intended<br>
<br>
recipient(s). If you are not the intended recipient, any disclosure,<br>
<br>
copying, distribution, or use of the contents of this information<br>
<br>
is prohibited and may be unlawful. If you have received this electronic<br>
<br>
transmission in error, please reply immediately to the sender that<br>
<br>
you have received the message in error, and delete it. Thank you<br>
<br>
</span><div class="HOEnZb"><div class="h5">_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div dir="ltr">Terror PUP a.k.a<br>Chuck "PUP" Payne<br> <br>678 636 9678<br>-----------------------------------------<br>Discover it! Enjoy it! Share it! openSUSE Linux.<br>-----------------------------------------<br>openSUSE -- Terrorpup<br>openSUSE Ambassador/openSUSE Member<br>skype,twiiter,identica,friendfeed -- terrorpup<br>freenode(irc) --terrorpup/lupinstein<br>Register Linux Userid: 155363<br> <br>Have you tried SUSE Studio? Need to create a Live CD, an app you want to package and distribute , or create your own linux distro. Give SUSE Studio a try.<br><br></div>
</div>