Date: Thu, 28 Dec 2006 17:17:28 +0545 From: Tek Bahadur Limbu <teklimbu@wlink.com.np> To: Chuck Swiger <cswiger@mac.com> Cc: freebsd-questions@freebsd.org Subject: Re: Need to restrict DNS requests to just 5 per second Message-ID: <20061228171728.ab8781d5.teklimbu@wlink.com.np> In-Reply-To: <4593049D.5030909@mac.com> References: <20061226171837.5e4c92a0.teklimbu@wlink.com.np> <200612261434875.SM00292@TX2.Go2France.com> <20061227131153.5a417076.teklimbu@wlink.com.np> <4593049D.5030909@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 27 Dec 2006 18:41:17 -0500 Chuck Swiger <cswiger@mac.com> wrote: > Tek Bahadur Limbu wrote: > [ ... ] > > Thank you very much for your help and suggestions. Actually, the > > reason why I want to implement this restriction is because some > > clients whose Windows PCs are infected with viruses and malwares > > send up to 10-20 bogus DNS queries per second which causes the > > traffic utilization to go almost 5 times high on the dns server. > > There are legitimate reasons why a client machine might want to make > dozens or even hundreds of DNS lookups per second-- or have you never > used adns or another webserver logfile analyzer yourself? :-) > > Please consider solving the problem rather than a symptom. > > If you experience what you determine to be malicious traffic from a > host or traffic which violates your published AUP, please contact the > systems' owner or perform firewall egress filtering on such a machine > until it gets fixed. > > -- > -Chuck > Hello Chuck, I will definitely try what you stated. Thanks. - -- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu (TAG/TDG Group) Jwl Systems Department Worldlink Communications Pvt. Ltd. Jawalakhel, Nepal -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFFk6tMVrOl+eVhOvYRAjTgAJ0R94qZr/nrb6DLGWM45YIQJQLpFQCcDurr ED5wdp+F0Gzs9ntFB+EunVk= =BA7b -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061228171728.ab8781d5.teklimbu>