One of the interesting things about owning a server on the Internet is trying to keep the constant barrage of attackers at bay.  A few weeks back, I had been watching the raw traffic with tcpdump, trying to diagnose a problem and saw a huge number of DNS requests.  A closer look revealed the queries were coming in batches of about 3000 to 5000 from the same IP address over the course of a minute or so.  All of the queries were the same: an ANY request for one of the domains I host.  Continue reading DNS Reflection Attacks →