Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexey Andrianov2014-01-31 09:44:17
Domain Name System
Alexey Andrianov, 2014-01-31 09:44:17

How to protect DNS server on BIND from DDoS?

There is a DNS server with BIND9, it has only 5-6 domain zones.
There is fail2ban, which is configured to read security.log
. How to write rules in named.conf so that domains that are on this DNS are processed normally, and left requests (domains that are not on DNS are poured into security.log)?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
V
Vitaly Niksenkin, 2014-01-31
@404666

https://www.cloudflare.com/hosting-partners use this service's API

Report
2
26info, 2014-02-09
@26info

If there is a "high-quality" DDoS, then there is no way to protect, and a trifle of 20-30 megabits is destroyed through iptables, but I remember (a couple of years ago it was), when attacking over a hundred megabits, nothing but the curator (aniddos service) helped :) As a result, then DDoS of several gigabits was repulsed (if the memory does not fail), and dns was kept from the provider, which solves its own problems :).

Similar questions
A
Andrew2015-06-28 15:31:11
DNS bind. How to create a domain zone for a local network on a home server? 1Reply
E
eth422017-06-08 18:54:33
How does Windows deal with DNS? 1Reply
P
Pista2019-11-14 14:10:06
What NS should be specified for the domain when using DNS hosting? 2Reply
E
Egorynsky2015-07-08 01:58:33
105 error, DNS error. How to solve the problem of the Internet? 3Reply
D
Danil Andreev2017-06-20 21:58:31
How does dns work? 4Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question