babywd 发表于 2014-01-30 11:20

bind9 dns服务器惨遭ddos求解啊



从昨日上午10点开始,dns服务器流量倍增,查看query日志,发现大量攻击日志,看了网上那个自动将IP添加到blackhole的方法,但总觉得不靠谱,因为这IP太多了,求更好的办法啊
bind版本BIND 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.5

29-Jan-2014 17:57:19.155 queries: client 95.38.81.79#55694: view view_any: query: jong.zong.co.ua IN ANY +E
29-Jan-2014 17:57:19.156 queries: client 95.38.81.79#27494: view view_any: query: jong.zong.co.ua IN ANY +E
29-Jan-2014 17:57:19.156 queries: client 192.99.18.44#29921: view view_any: query: jong.zong.co.ua IN ANY +E
29-Jan-2014 17:57:19.156 queries: client 24.232.48.174#2550: view view_any: query: jong.zong.co.ua IN ANY +E
29-Jan-2014 17:57:19.156 queries: client 71.80.155.72#29338: view view_any: query: jong.zong.co.ua IN ANY +E
29-Jan-2014 17:57:19.157 queries: client 192.99.18.44#54399: view view_any: query: jong.zong.co.ua IN ANY +E
29-Jan-2014 17:57:19.157 queries: client 192.99.18.44#40684: view view_any: query: jong.zong.co.ua IN ANY +E
29-Jan-2014 17:57:19.157 queries: client 24.232.48.174#64743: view view_any: query: jong.zong.co.ua IN ANY +E
29-Jan-2014 17:57:19.158 queries: client 67.163.97.217#56647: view view_any: query: jong.zong.co.ua IN ANY +E
29-Jan-2014 17:57:19.158 queries: client 192.99.18.44#56257: view view_any: query: jong.zong.co.ua IN ANY +E

顺便问个问题 最后那个+E是什么意思

babywd 发表于 2014-01-31 09:37

求解啊。。这摆明不让我过好节啊
页: [1]
查看完整版本: bind9 dns服务器惨遭ddos求解啊