Re: OT misunderstood crackers
> On Jan 10, 2016, at 12:48 PM, <tomas@tuxteam.de> <tomas@tuxteam.de> wrote:
>
> Perhaps some miscreants are trying to use/using your DNS server for
> DNS amplification attacks [1] (they use open DNS servers to multiply
> their DDOS (distributed denial of service) attack force by spoofing
> the sender's address in their request (the spoofed sender becomes the
> victim)
An interesting thought. But they don't get too far with the rate limiter in the packet filter -- I don't send anything back (to the spoofed sender), I just drop the packet. Sorry to break their DDOS amplifier :-)
--
Glenn English
Reply to: