cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrija Panic <andrija.pa...@gmail.com>
Subject Re: DNS amplification attack to CloudStack VR running dnsmasq
Date Mon, 15 Dec 2014 12:22:43 GMT
Indra, did you observe this on Shared Network - I had same issue with
Shared Network (public IPs) in Advanced Zone.

I think VR for VPC is NOT a problem...

On 15 December 2014 at 13:13, Indra Pramana <indra@sg.or.id> wrote:
>
> Dear all,
>
> We are using CloudStack 4.2.0 with KVM hypervisors.
>
> Is there a way to prevent our virtual routers (VRs) to be targeted by DNS
> amplification attack? It seems that the DNS services on dnsmasq running on
> the VRs are by default recursive, causing it to easily be targeted for DNS
> amplification attack.
>
> Any advice on how to overcome this?
>
> Looking forward to your reply, thank you.
>
> Cheers.
>


-- 

Andrija Panić

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message