US-CERT Alert (TA13-088A) DNS Amplification Attacks (Revised 22 July 2013)
 

US-CERT has released, July 22, 2013: Minor updates to recursion and RRL advice.

See https://www.us-cert.gov/ncas/alerts/TA13-088A.

If you are using BIND it is worth your time to read.

Thank you very much for this, never heard of this before :)

You're welcome.

Something you may want to take a look at is http://www.us-cert.gov/; down at the bottom of the page you can Subscribe to Alerts (there are other lists too, check around at the web site). You won't be bombarded with notices but you will get the ones that are meaningful and worth a read.

Hope this helps some.

Many Thanks for posting this thread! Lots of useful info there. Knowledge is empowerment. Though Linux is much more secure than any version of Windows, security still must be of concern to all.

This OS, I frequently use when making purchases/online banking, it's a thin Linux client that can be ran via live CD or USB Flash drive, which is used by the US Air Force for secure computing. Ships with Firefox, Libre Office & Adobe Reader. Although it can be used as a general lightweight portable OS, it's recommended to reboot before prior to doing anything critical.

http://www.spi.dod.mil/lipose.htm

I initially ran across this OS on the US-CERT site a couple of years back & recommend it to anyone who wants a secure computing experience that's basically boot & run. Plus there's other security related materials on the site, including encryption tools that's free for the public.

Cat

You're welcome.

I've found CERT to be an unbiased source of not only "there's a problem" but also "here's what you can do about it." The recent Java flap being an example (their advice: disable the Java plugin in any browser; good advice). Never really could imagine why executing something on your computer from a web page would be a good idea (like: security hole!) but there you are.

Worth you time to subscribe to the alerts and give 'em a read when they come -- you don't get bombarded, you just get the important ones (well, you do get every Patch Tuesday which, you know, stands to reason, eh? I do not envy Microcrap users in any way, I won't allow it on the property).