From owner-freebsd-questions@FreeBSD.ORG Thu Dec 28 11:48:37 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 75FDE16A40F for ; Thu, 28 Dec 2006 11:48:37 +0000 (UTC) (envelope-from teklimbu@wlink.com.np) Received: from smtp5.wlink.com.np (smtp5.wlink.com.np [202.79.32.52]) by mx1.freebsd.org (Postfix) with SMTP id 16CC713C463 for ; Thu, 28 Dec 2006 11:48:32 +0000 (UTC) (envelope-from teklimbu@wlink.com.np) Received: (qmail 37694 invoked from network); 28 Dec 2006 11:15:25 -0000 Received: from unknown (HELO smtp1.wlink.com.np) (202.79.32.76) by 0 with SMTP; 28 Dec 2006 11:15:25 -0000 Received: (qmail 35233 invoked by uid 98); 28 Dec 2006 11:21:08 -0000 Received: from 202.79.36.216 by smtp1.wlink.com.np (envelope-from , uid 1009) with qmail-scanner-1.25 (clamdscan: 0.88.4/2205. Clear:RC:1(202.79.36.216):. Processed in 0.024546 secs); 28 Dec 2006 11:21:08 -0000 X-Qmail-Scanner-Mail-From: teklimbu@wlink.com.np via smtp1.wlink.com.np X-Qmail-Scanner: 1.25 (Clear:RC:1(202.79.36.216):. Processed in 0.024546 secs) Received: from [202.79.36.216] (HELO teklimbu.wlink.com.np) by smtp1.wlink.com.np (qmail-smtpd) with SMTP; 28 Dec 2006 11:21:00 -0000 (Thu, 28 Dec 2006 17:06:00 +0545) Received: (qmail 65628 invoked by uid 1009); 28 Dec 2006 11:32:28 -0000 Received: from unknown (HELO teklimbu.wlink.com.np) (202.79.36.216) by teklimbu.wlink.com.np with SMTP; 28 Dec 2006 11:32:28 -0000 Date: Thu, 28 Dec 2006 17:17:28 +0545 From: Tek Bahadur Limbu To: Chuck Swiger Message-Id: <20061228171728.ab8781d5.teklimbu@wlink.com.np> In-Reply-To: <4593049D.5030909@mac.com> References: <20061226171837.5e4c92a0.teklimbu@wlink.com.np> <200612261434875.SM00292@TX2.Go2France.com> <20061227131153.5a417076.teklimbu@wlink.com.np> <4593049D.5030909@mac.com> Organization: Worldlink Communications Pvt. Ltd. X-Mailer: Sylpheed version 2.2.0 (GTK+ 2.8.12; i386-portbld-freebsd6.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Check-By: smtp1.wlink.com.np Spam: No ; 0.3 / 5.0 X-Spam-Status-WL: No, hits=0.3 required=5.0 Cc: freebsd-questions@freebsd.org Subject: Re: Need to restrict DNS requests to just 5 per second X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Dec 2006 11:48:37 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 27 Dec 2006 18:41:17 -0500 Chuck Swiger wrote: > Tek Bahadur Limbu wrote: > [ ... ] > > Thank you very much for your help and suggestions. Actually, the > > reason why I want to implement this restriction is because some > > clients whose Windows PCs are infected with viruses and malwares > > send up to 10-20 bogus DNS queries per second which causes the > > traffic utilization to go almost 5 times high on the dns server. > > There are legitimate reasons why a client machine might want to make > dozens or even hundreds of DNS lookups per second-- or have you never > used adns or another webserver logfile analyzer yourself? :-) > > Please consider solving the problem rather than a symptom. > > If you experience what you determine to be malicious traffic from a > host or traffic which violates your published AUP, please contact the > systems' owner or perform firewall egress filtering on such a machine > until it gets fixed. > > -- > -Chuck > Hello Chuck, I will definitely try what you stated. Thanks. - -- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu (TAG/TDG Group) Jwl Systems Department Worldlink Communications Pvt. Ltd. Jawalakhel, Nepal -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFFk6tMVrOl+eVhOvYRAjTgAJ0R94qZr/nrb6DLGWM45YIQJQLpFQCcDurr ED5wdp+F0Gzs9ntFB+EunVk= =BA7b -----END PGP SIGNATURE-----