[Unbound-users] Python API extension patch proposal

[Tarko Tikan]

hey,

> I am currently in the process of dealing with water torture attacks on
> our cache DNS servers (<randomstring>.domain.com queries that never
> resolve and end up causing enormous upstream traffic, ultimately
> crushing the authoritative server for domain.com).

I wrote https://github.com/tarko/unbound-reqmon while ago to mitigate 
this issue. This will block the domain that is being used for the abuse.

PS! It will need constant attention because it will happily block co.uk, 
com.tw etc. at this point. The logic must really be improved if these 
attacks persist.

-- 
tarko