Date: Wed, 27 Dec 2006 18:41:17 -0500 From: Chuck Swiger <cswiger@mac.com> To: Tek Bahadur Limbu <teklimbu@wlink.com.np> Cc: freebsd-questions@freebsd.org Subject: Re: Need to restrict DNS requests to just 5 per second Message-ID: <4593049D.5030909@mac.com> In-Reply-To: <20061227131153.5a417076.teklimbu@wlink.com.np> References: <20061226171837.5e4c92a0.teklimbu@wlink.com.np> <200612261434875.SM00292@TX2.Go2France.com> <20061227131153.5a417076.teklimbu@wlink.com.np>
next in thread | previous in thread | raw e-mail | index | archive | help
Tek Bahadur Limbu wrote: [ ... ] > Thank you very much for your help and suggestions. Actually, the reason > why I want to implement this restriction is because some clients whose > Windows PCs are infected with viruses and malwares send up to 10-20 > bogus DNS queries per second which causes the traffic utilization to go > almost 5 times high on the dns server. There are legitimate reasons why a client machine might want to make dozens or even hundreds of DNS lookups per second-- or have you never used adns or another webserver logfile analyzer yourself? :-) Please consider solving the problem rather than a symptom. If you experience what you determine to be malicious traffic from a host or traffic which violates your published AUP, please contact the systems' owner or perform firewall egress filtering on such a machine until it gets fixed. -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4593049D.5030909>