Maintained by: NLnet Labs

[Unbound-users] Python API extension patch proposal

Tarko Tikan
Mon Jan 5 09:42:03 CET 2015


hey,

> I am currently in the process of dealing with water torture attacks on
> our cache DNS servers (<randomstring>.domain.com queries that never
> resolve and end up causing enormous upstream traffic, ultimately
> crushing the authoritative server for domain.com).

I wrote https://github.com/tarko/unbound-reqmon while ago to mitigate 
this issue. This will block the domain that is being used for the abuse.

PS! It will need constant attention because it will happily block co.uk, 
com.tw etc. at this point. The logic must really be improved if these 
attacks persist.

-- 
tarko