Maybe try Fail2Ban on your server?
-----Original Message-----
From: CentOS <centos-bounces@xxxxxxxxxx> On Behalf Of Robert Moskowitz
Sent: Tuesday, August 2, 2022 2:03 PM
To: CentOS mailing list <centos@xxxxxxxxxx>
Subject: [External] BIND server getting DDOS
I just, maybe, figured out why I have been having problems with my CentOS DNS server with BIND 9.11.4.
Aug 2 15:47:19 onlo named[6155]: client @0xaa3cad80 114.29.194.4#11205
(.): view external: query (cache) './A/IN' denied Aug 2 15:47:19 onlo named[6155]: client @0xaa3cad80
114.29.216.196#64956 (.): view external: query (cache) './A/IN' denied Aug 2 15:47:19 onlo named[6155]: client @0xaa3cad80 64.68.114.141#39466
(.): view external: query (cache) './A/IN' denied Aug 2 15:47:19 onlo named[6155]: client @0xaa3cad80
209.197.198.45#13280 (.): view external: query (cache) './A/IN' denied Aug 2 15:47:19 onlo named[6155]: client @0xaa3cad80
114.29.202.117#41955 (.): view external: query (cache) './A/IN' denied Aug 2 15:47:19 onlo named[6155]: client @0xaa3cad80 62.109.204.22#4406
(.): view external: query (cache) './A/IN' denied Aug 2 15:47:49 onlo named[6155]: client @0xa9420720 64.68.104.9#38518
(.): view external: query (cache) './A/IN' denied Aug 2 15:47:50 onlo named[6155]: client @0xaa882dc8 114.29.202.117#9584
(.): view external: query (cache) './A/IN' denied
grep -c denied messages
46038
And that is since Jul 31 3am.
Anyone have recommendations on how to stop this?
thanks
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
