Maintained by: NLnet Labs

[Unbound-users] Python API extension patch proposal

Tarko Tikan
Mon Jan 5 09:42:03 CET 2015


> I am currently in the process of dealing with water torture attacks on
> our cache DNS servers (<randomstring> queries that never
> resolve and end up causing enormous upstream traffic, ultimately
> crushing the authoritative server for

I wrote while ago to mitigate 
this issue. This will block the domain that is being used for the abuse.

PS! It will need constant attention because it will happily block, etc. at this point. The logic must really be improved if these 
attacks persist.