Results 1 to 2 of 2
Enjoy an ad free experience by logging in. Not a member yet? Register.
- Join Date
- Mar 2013
'isc.org/ANY/IN' denied: 1466 Time(s) hacking solution
I've been getting these messages ('isc.org/ANY/IN' denied: 1466 Time(s) ) through on my logwatch. I'm a bit of an amateur but have done quite a bit of research on this and found these 2 rules for my iptables -
iptables -I INPUT 1 -p udp --dport 53 -m string --from 50 --algo bm --hex-string '|0000FF0001|' -m recent --set --name dnsanyquery
iptables -I INPUT 2 -p udp --dport 53 -m string --from 50 --algo bm --hex-string '|0000FF0001|' -m recent --name dnsanyquery --rcheck --seconds 60 --hitcount 5 -j DROP
However having installed them I'm still getting the same messages. I'd be really grateful if somebody was able to tell me what I've done wrong.
Thanks very much,
It's a reflection attack. You're not under attack per se. But crap is being "bounced" off of you and your bandwidth is being utilized to attack others.
Dig through the links below and follow the links inside the links. Do some reading and use these links to help you do some Googles. There's lots of info available on what this is and what can be done about it.