From owner-freebsd-questions@FreeBSD.ORG  Wed Jun  3 23:57:19 2015
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 8165A757
 for <freebsd-questions@freebsd.org>; Wed,  3 Jun 2015 23:57:19 +0000 (UTC)
 (envelope-from freebsd@pki2.com)
Received: from btw.pki2.com (btw.pki2.com [IPv6:2001:470:a:6fd::2])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 47E521251
 for <freebsd-questions@freebsd.org>; Wed,  3 Jun 2015 23:57:19 +0000 (UTC)
 (envelope-from freebsd@pki2.com)
Received: from localhost (localhost [IPv6:::1])
 by btw.pki2.com (8.14.9/8.14.9) with ESMTP id t53Nv1OY045513;
 Wed, 3 Jun 2015 16:57:01 -0700 (PDT) (envelope-from freebsd@pki2.com)
DMARC-Filter: OpenDMARC Filter v1.3.1 btw.pki2.com t53Nv1OY045513
Authentication-Results: btw.pki2.com; dmarc=none header.from=pki2.com
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=pki2.com; s=pki2;
 t=1433375822; bh=UnEOlLLeNkldeSRCd7Y2D0a12waiUXg2v7tBF1huMJM=;
 h=Subject:From:To:Cc:Date:In-Reply-To:References;
 z=Subject:=20Re:=20port=2053=20under=20attack|From:=20Dennis=20Glat
 ting=20<freebsd@pki2.com>|To:=20joeb1=20<joeb1@a1poweruser.com>|Cc
 :=20"freebsd-questions@freebsd.org"=20<freebsd-questions@freebsd.o
 rg>|Date:=20Wed,=2003=20Jun=202015=2016:57:01=20-0700|In-Reply-To:
 =20<556F87A6.8090105@a1poweruser.com>|References:=20<556F87A6.8090
 105@a1poweruser.com>;
 b=tNirZ22hTOWRRxN2ihfp1ZOOWxcdn3xRnBFnw0e4fonItBfNcNWaHW3+V593LpgX2
 Wsn29vgeQUZX7VNSDsQup68jJ1E38D7ak/2SveEwU6I/dd2HPnU7F2YBjS1EtRDAng
 ZHA6CnQZgcbrGSobvG/eZXRVaNPbfj2dD3ejHI6Xie5sARFfrP8TZvvFIHDsTq9JxC
 iivqrtBBkYOdMeWbGQ2+1wGDqPr3qlQWz04I4yFOls77glIXHHMNDetq6lPdg6iKpC
 htWv15Xs5D1rJWTtj95z8O1EIrHaR0O13Dy6IdBGYmmVc9SejkmQRFtMLM7JBV1qPS
 jGZjsI0Yz4WEA==
Message-ID: <1433375821.72071.40.camel@pki2.com>
Subject: Re: port 53 under attack
From: Dennis Glatting <freebsd@pki2.com>
To: joeb1 <joeb1@a1poweruser.com>
Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>
Date: Wed, 03 Jun 2015 16:57:01 -0700
In-Reply-To: <556F87A6.8090105@a1poweruser.com>
References: <556F87A6.8090105@a1poweruser.com>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.12.11 FreeBSD GNOME Team Port 
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
X-SoftwareMunitions-MailScanner-Information: Dennis Glatting
X-SoftwareMunitions-MailScanner-ID: t53Nv1OY045513
X-SoftwareMunitions-MailScanner: Found to be clean
X-MailScanner-From: freebsd@pki2.com
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Jun 2015 23:57:19 -0000

On Wed, 2015-06-03 at 19:03 -0400, joeb1 wrote:
> Hello list
> :
> My firewall blocks unsolicited inbound traffic on port 53. I realize 
> this is the DNS port. But I am getting over 200K  hits per day from ip 
> addresses from all over the world. My host has a dynamic ip address. Is 
> there any valid reason for this to be happening?

You could be used as a DOS amplifier.