New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
...but would that work if I was on, say, my phone on cellular? It's DHCP and I have no idea what the ranges could be.
Then again, I don't think there's a way to change DNS on cellular on an iPhone so perhaps this is irrelevant for me.
...for one guy? Even for 100? I'm skeptical they'd notice.
"Hey DNS ops, just want to give you a head's up that we're coming into raindog308's morning timezone and he usually surfs for a bit while he's on the john, so watch your monitors..."
If the client address/range is unpredictable, forget about ACLs. Might still be feasible (but dirty) through clever firewall rules - port knocking, basically...
Nowadays large public dns systems (including the root servers) are designed to withstand (D)DoS in the multi-Gbps range; I doubt they care about a bunch of benevolent guys sparing them some bytes here and there...
http://optimal.com/
https://noad.zone/
https://alternate-dns.com/
isnt one of the above way easier?
Also, can you run privoxy on a router ?
Wouldn't OVHs Anti-DDoS system catch that?
ISPs generally have powerful DNS servers that can handle large amounts of requests, in the tens of billions.
There's another thread here where someone was talking about Telstras DNS and they said they actually noticed a speed improvement when switching to a different DNS servers, I've also heard of ISP DNS servers going down completely so I guess that's not always the case of reliability
Catch what? If i leave my pi hole server open then of course if it gets used for amplification then OVH would block the attack but they would also cut my service until i sort it.
Maybe use a firewall rule to only allow it to send traffic to your IP address?
I just realized what you said earlier in that it's your server sending the attack not someone attacking your server