Just deflected a 3k client amplification attack on my public DNS infrastructure. Felt awesome 😂
@eleix That sounds pretty fucking big.
How does stopping that work anyway?
@Violet Just gotta look at the hex coming in with tcpdump and find a string that matches each one and then put that into a block rule on the mangle chain. Using mangle so that the moment it comes in it can be blocked and not take the system down.
@Violet Also, I already have a limiter set in iptables so that any address sending in queries is rate limited to 30 queries a minute and 4 ANY queries a minute, so it wasn't like a constant stream, but it was pretty close.
@eleix and poof, strangely the servers seem relieved :p
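
The approach described in this thread, sketched as an added example (not eleix's actual rules): it encodes a queried name the way it appears on the wire and prints, without applying, a mangle-table string-match drop rule plus per-source limits of 30 queries and 4 ANY queries a minute. Assumptions: `example.com` is a constructed sample name, the helper function names are hypothetical, the string and hashlimit match modules are available, and offset 40 assumes IPv4 without options.

```shell
#!/bin/sh
# Added example: prints iptables rules for review; it never applies them.

# DNS wire format for a name, as hex: each label prefixed by its length,
# then a 00 terminator. This is the byte run that shows up in tcpdump -X.
qname_hex() {
    out=""
    old_ifs=$IFS; IFS=.
    for label in $1; do
        bytes=$(printf '%s' "$label" | od -An -tx1 | tr -d ' \n')
        out="$out$(printf '%02x' "${#label}")$bytes"
    done
    IFS=$old_ifs
    printf '%s00' "$out"
}

# Whole question section: QNAME + QTYPE + QCLASS IN (0001).
# QTYPE is passed as 4 hex digits; ANY is 00ff.
question_hex() {
    printf '%s%s0001' "$(qname_hex "$1")" "$2"
}

# Drop rule in mangle/PREROUTING for one abused question. The match is
# byte-exact, so a mixed-case variant of the name needs its own pattern.
# --from 40 = IPv4 header (20) + UDP (8) + DNS header (12).
drop_rule() {
    printf 'iptables -t mangle -A PREROUTING -p udp --dport 53 -m string --algo bm --from 40 --hex-string "|%s|" -j DROP\n' \
        "$(question_hex "$1" "$2")"
}

# Per-source limits with the numbers quoted in the thread. The ANY rule
# matches the end of any name (00) followed by QTYPE ANY and class IN.
# Which table and chain the original limiter lives in is an assumption.
limit_rules() {
    printf 'iptables -t mangle -A PREROUTING -p udp --dport 53 -m hashlimit --hashlimit-name dns-all --hashlimit-mode srcip --hashlimit-above 30/minute -j DROP\n'
    printf 'iptables -t mangle -A PREROUTING -p udp --dport 53 -m string --algo bm --from 40 --hex-string "|0000ff0001|" -m hashlimit --hashlimit-name dns-any --hashlimit-mode srcip --hashlimit-above 4/minute -j DROP\n'
}

drop_rule example.com 00ff
limit_rules
```

Source addresses in an amplification attack are spoofed victims, so per-source limits cap what each victim receives while the string rule stops the abused query outright.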