27 Jun
2017
27 Jun
'17
2:50 p.m.
Rob,
...I NEVER had udp/53 opened, as I do not offer DNS to the Internet,
only you guys.
In addition, my firewall was blocking the SYN Floods; and I also rate
limit all open ports on my ISP and AMPRNet.
It appears theses packets are coming from a 44 IP address anyway...
:-)
Thanks,
-KB3VWG
/I'll be
closing TCP/53 to the Internet - NOW. /
You need to close UDP/53 as well! It is
widely abused for DDoS amplification,
you really should not offer DNS service on internet unless you have modern software
to do rate limiting etc.