[Unbound-users] Python API extension patch proposal

Tarko Tikan tarko at lanparty.ee
Mon Jan 5 08:42:03 UTC 2015


> I am currently in the process of dealing with water torture attacks on
> our cache DNS servers (<randomstring>.domain.com queries that never
> resolve and end up causing enormous upstream traffic, ultimately
> crushing the authoritative server for domain.com).

I wrote https://github.com/tarko/unbound-reqmon while ago to mitigate 
this issue. This will block the domain that is being used for the abuse.

PS! It will need constant attention because it will happily block co.uk, 
com.tw etc. at this point. The logic must really be improved if these 
attacks persist.


More information about the Unbound-users mailing list