<div class="gmail_quote">On Mon, Sep 17, 2012 at 3:28 PM, Paul Sierks <span dir="ltr"><<a href="mailto:psierks@sierkstech.net" target="_blank">psierks@sierkstech.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Sorry for any confusion, of which I'm sure I'm about to add to. But this particular box doesn't have an internal network, just one interface on the internet. Also I think a lot of the problem in my case is the allowed IP addresses change on a regular basis, quite often.</blockquote>
<div><br></div><div>Then I think we're back at Gille's original response -- don't do it! :) There are many better public DNS servers out there, such as Google/s 8.8.8.8 and 8.8.4.4.</div><div><br></div><div>Failing that, mitigate the risk with an iptables filter to prevent your host from being the source of the DDOS.</div>
<div><br></div><div>Sean</div><div><br></div></div>-- <br>Sean Walberg <<a href="mailto:sean@ertw.com" target="_blank">sean@ertw.com</a>> <a href="http://ertw.com/" target="_blank">http://ertw.com/</a><br>