[Unbound-users] a mitigation against random subdomain attack
Daisuke HIGASHI
daisuke.higashi at gmail.com
Sun Mar 22 12:31:34 UTC 2015
Hi,
I have implemented mitigation against random subdomain DoS attack (or
sometime referred as water torture attack) for Unbound utilizing
bloomfilter.
https://github.com/hdais/unbound-bloomfilter
It learns qnames which resulted in noerror using bloomfilter in peace
time. When a domain is set to be bloomfiltered (manually or
automatically) it accepts only qnames to be noerror for the domain.
This effectively refuse only bad random queries that result would be
nxdomain while keeping the domain resolvable.
Regards,
--
Daisuke HIGASHI
More information about the Unbound-users
mailing list