Date: Sun, 31 Mar 2013 22:02:24 -0700 From: Michael Sierchio <kudzu@tenebras.com> To: nightrecon@hotmail.com Cc: freebsd-questions@freebsd.org Subject: Re: Problems with IPFW causing failed DNS and FTP sessions Message-ID: <CAHu1Y725QYHahwb3Pr7vFPENC_Dqqxv1vfXb-0hzHa9Uj_mahA@mail.gmail.com> In-Reply-To: <kjb321$u1j$1@ger.gmane.org> References: <049d01ce2e89$c428ab80$4c7a0280$@com> <kjb321$u1j$1@ger.gmane.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Mar 31, 2013 at 9:39 PM, Michael Powell <nightrecon@hotmail.com> wrote: > I'm probably not smart enough to be able to help directly with your problem > but I'd like to add that there is a snowballing DNS Amplification ddos > attack against SpamHaus going on which is spilling over Yes, this is very much true. The ICANN servers are dropping packets like mad, and many of the .com servers as well. I am mirroring the root zone locally to mitigate. It works to forward DNS to Google's servers (8.8.8.8, 8.8.4.4.) EXCEPT - they are blocking some net blocks (issuing spurious negative responses) because of large numbers of nets with hosts in the botnet participating in the attack. - M
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHu1Y725QYHahwb3Pr7vFPENC_Dqqxv1vfXb-0hzHa9Uj_mahA>