Displaying 1 result from an estimated 1 matches for "smurfmonitor".
2013 Sep 23
3
Custom iptables rules to drop DNS Amplification Attacks
...horewall:
iptables --insert INPUT -p udp --dport 53 -m u32 --u32 "0x28&0xFFDFDFDF=0x055a5a47 && 0x2c&0xDFDFFFDF=0x53540343 && 0x30&0xDFDFFFFF=0x4f4d0000" -j DROP
This kind of rules need to block a DNS Amplification Attack.
I found this file https://github.com/smurfmonitor/dns-iptables-rules/blob/master/domain-blacklist.txt where we can find iptables rules to prevent this kind of attack by filter message request.
I already found http://www.shorewall.net/pub/shorewall/contrib/DNSDDOS/ but seems old and ineffective
Is there any way to do that on shorewall?
Best rega...