DGA Attack mitigation
Paul Vixie
paul at redbarn.org
Mon Apr 9 19:15:48 UTC 2018
Rainer Duffner via Unbound-users wrote:
>
>
>> Am 09.04.2018 um 20:04 schrieb Mahdi Adnan via Unbound-users
>> <unbound-users at unbound.net <mailto:unbound-users at unbound.net>>:
>>
>> Im running 20 Unbound servers and around 20% of response are NXDOMAIN,
>> for queries coming from my clients.
>
>
>
> Block those IPs that are obviously p4wned until they clean up their PCs?
the source addresses are forged. the victims are not unclean in any way.
this is why rrl exists.
--
P Vixie
More information about the Unbound-users
mailing list