Hello everybody! It seems slightly offtopic (if not completely). But we've got SuSE 8.0 installed. Our DNS used to be open for external queries some time ago. Now we've got it fixed and still there are massive queries from bogus hosts. Those are denied, of course, but they use our bandwidth. There should be a common well-known solution, but googling brought nothing... Thanks, Boris Kimel.
On Thu, 2002-09-12 at 08:35, Борис Кимель \(Boris Kimel\) wrote:
Hello everybody!
It seems slightly offtopic (if not completely). But we've got SuSE 8.0 installed.
Our DNS used to be open for external queries some time ago. Now we've got it fixed and still there are massive queries from bogus hosts. Those are denied, of course, but they use our bandwidth. There should be a common well-known solution, but googling brought nothing...
Maybe they will get the hint if you -J REJECT --reject-with tcp-reset You cannot control who sends traffic to your network unless there is an upstream firewall that you can configure to mangle the packets before they get to your network. I read somewhere 'IP/email works like regular junk mail; you cannot control who sends you packets/email' - I think it was in a QoS HOWTO ...
Thanks, Boris Kimel.
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
-- ---------------------------------------- Raymond Leach Internet Infrastructure Knowledge Factory Tel: +27-11-445-8100 Fax: +27-11-445-8101 www: http://www.knowledgefactory.co.za ---------------------------------------- "It is a man's own fault if his mind grows torpid in old age." - Samual Jackson
participants (2)
-
Raymond Leach
-
Борис Кимель \(Boris Kimel\)