Domain Name System
Alexey Andrianov, 2014-01-31 09:44:17

How to protect a DNS server on BIND from DDoS?

There is a DNS server running BIND9; it has only 5-6 domain zones.
There is fail2ban, which is configured to read security.log. How do I write rules in named.conf so that domains that are on this DNS server are processed normally, and stray requests (for domains that are not on this DNS server) are written to security.log?
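
One way to get the behaviour asked about above, as an added example that is not part of the original thread: an authoritative-only named.conf that answers the hosted zones, refuses everything else and writes the refusals to security.log. The zone name `example.com` and all file paths are assumptions; fail2ban ships a `named-refused` filter that matches the resulting `denied` lines.

```conf
// named.conf -- added example; zone name and paths are assumptions
options {
    directory "/var/cache/bind";

    // Authoritative only: names inside the hosted zones are answered,
    // any other name gets REFUSED instead of being resolved.
    recursion no;

    // Hosted zones stay reachable from anywhere.
    allow-query { any; };
};

// One block like this per hosted zone (the question mentions 5-6 of them).
zone "example.com" {
    type master;
    file "/etc/bind/zones/db.example.com";
};

logging {
    // Dedicated file for fail2ban to read.
    channel security_file {
        file "/var/log/named/security.log" versions 3 size 30m;
        severity dynamic;
        print-time yes;   // fail2ban needs a timestamp on every line
    };

    // Refused queries are logged in the "security" category, e.g.
    //   client 192.0.2.10#53211 (example.org): query (cache) 'example.org/A/IN' denied
    // (constructed sample line; the exact layout varies between BIND versions)
    category security { security_file; };
};
```

The log directory must be writable by the user named runs as. Source addresses of UDP queries can be forged, so a ban based on these lines may land on a spoofed address rather than on the real sender.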


2 answer(s)
Vitaly Niksenkin, 2014-01-31
@404666

https://www.cloudflare.com/hosting-partners use this service's API

26info, 2014-02-09
@26info

If there is a "high-quality" DDoS, then there is no way to protect against it, and a trifle of 20-30 megabits is dealt with through iptables, but I remember (it was a couple of years ago) that when we were attacked with over a hundred megabits, nothing but the curator (anti-DDoS service) helped :) As a result, a DDoS of several gigabits was then repelled (if memory serves), and DNS was kept with the provider, which solves its own problems :).
