Protect a DNS Server
I would like to protect a DNS server against flood, SYN flood, and DDoS attacks.
I have thought of setting this configuration for TCP/UDP port 53:
Maximum state entries per host: 5
Maximum new connections / per second: 10/1
My question is: what's the best practice to protect a DNS server from a DDoS attack?
Cry Havok
Don't forget that your firewall (pfSense box) is the weak link here - there's nothing stopping somebody simply DDoSing it if you just protect your DNS server.