koldfront

Stupid DNS DoS again #net

🕢︎ - 2024-10-07
Smokeping graph towards my router, showing it not being able to keep up

After taking most of August off, the annoying Denial of Service "attack" hit me again (previously: March, May, June), culminating in so many requests yesterday that my feeble home router was starting to fall over.

So I threw the towel in the ring and moved the DNS for asjo.org to domæne.shop.

Munin graph showing firewall throughput peaking on my home server

I really like hosting things myself. I think it healthy for me and the internet in general that people do so - instead of having megacorps silo everything.

And more often than not, it's really not that complicated. Not even for email, regardless of what people always say.

So I did not like giving up, but I was growing tired of trying to block /8 networks and still having my servers receiving several thousand packets a second.

Completely ridiculous network usage graph from one of my VPS DNS servers

For looking up asjo.org, for crying out loud: the zone is 36 lines long:

virgil:/etc/bind$ wc -l db.asjoorg
36 db.asjoorg

Anyway, now it takes several minutes for each of my three DNS-servers to receive 1000 DNS packets.

The other VPS DNS server's completely ridiculous network graph

It is no 3.8 Tbps DDoS attack - I don't even know if my case is actually an attack, but annoying nonetheless.

I still have no idea why, who, or what the hell. I guess it is just one of those things.
