Security Incidents mailing list archives

Re: OpenNIC "attack?"


From: msjb82 () hotmail com
Date: 10 May 2006 22:15:53 -0000

   "We would like (if possible) just to block the bogus requests automatically and get a single message warning us that someone's infected."

   The problem is, those aren't necessarily bogus requests.  .glue is very much a valid domain name; I have been to several .glue domain web sites.
   Maybe this is the reason (in BIND's documentation) they don't recommend logging all traffic if expected traffic is to be high.
   At any rate, there are two basic methods to avoid this:

      1) Log only things that go wrong
and   2) restrict TLD lookups

And why in the hell am I replying to a 3-year-old post?


'Teach a man to fish...'

