Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 27 Dec 2006 18:41:17 -0500
From:      Chuck Swiger <cswiger@mac.com>
To:        Tek Bahadur Limbu <teklimbu@wlink.com.np>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Need to restrict DNS requests to just 5 per second
Message-ID:  <4593049D.5030909@mac.com>
In-Reply-To: <20061227131153.5a417076.teklimbu@wlink.com.np>
References:  <20061226171837.5e4c92a0.teklimbu@wlink.com.np> <200612261434875.SM00292@TX2.Go2France.com> <20061227131153.5a417076.teklimbu@wlink.com.np>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Tek Bahadur Limbu wrote:
[ ... ]
> Thank you very much for your help and suggestions. Actually, the reason
> why I want to implement this restriction is because some clients whose
> Windows PCs are infected with viruses and malwares send up to 10-20
> bogus DNS queries per second which causes the traffic utilization to go
> almost 5 times high on the dns server.

There are legitimate reasons why a client machine might want to make dozens or 
even hundreds of DNS lookups per second-- or have you never used adns or 
another webserver logfile analyzer yourself?  :-)

Please consider solving the problem rather than a symptom.

If you experience what you determine to be malicious traffic from a host or 
traffic which violates your published AUP, please contact the systems' owner 
or perform firewall egress filtering on such a machine until it gets fixed.

-- 
-Chuck



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?4593049D.5030909>