LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Closed Thread
  Search this Thread
Old 04-29-2014, 09:52 AM   #1
NewLegend
LQ Newbie
 
Registered: Oct 2012
Posts: 18

Rep: Reputation: Disabled
Iptables Drop DNS Damion resolving


Hello
In last three months we faced DNS amplification attacks from more then 1000 different source IPs to one domain only, please check log file below,

13:56:40.261793 IP (tos 0x0, ttl 124, id 23273, offset 0, flags [none], proto: UDP (17), length: 72) X.X.X.X.64154 > Y.Y.Y.Y.domain: [udp sum ok] 40021+ A? uhjoabgwpkh.www.wfgj18.com. (44)

Is there any way to use Iptables to drop the fake domain "wfgj18.com" ?

Thanks ,,,
 
Old 04-29-2014, 01:50 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,393
Blog Entries: 55

Rep: Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565
Please post your thread in only one forum. Posting a single thread in the most relevant forum will make it easier for members to help you and will keep the discussion in one place. This thread is being closed because it is a duplicate of https://www.linuxquestions.org/quest...ng-4175503342/.
 
  


Closed Thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Iptables Drop DNS Damion resolving NewLegend Linux - Networking 16 05-09-2014 06:43 AM
Is it necessary to drop specific flags in IPTABLES with an INPUT DROP policy? rootaccess Linux - Networking 5 08-22-2012 09:10 PM
DNS Resolving kaitech76 Linux - Networking 14 04-08-2009 03:59 PM
iptables - drop all -> allow needed OR allow all -> drop specific lucastic Linux - Security 5 12-21-2004 03:07 AM
/etc/hosts resolving before DNS resolving ? markraem Linux - Networking 4 11-02-2003 05:54 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:39 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration