Submit your Linux news story here.

How to block DNS queries for specific zone/domains with iptables on Linux

You can use iptables to block any string including DNS requests. This is pretty awesome way to block certain domain or dns queries on Linux.

From the blog post:

I have been seeing a lot of weird/bogus DNS traffic (thousands of queries a second) hitting our servers lately and I decided to try and block it. Specifically I saw tons of requests coming in for proxypipe.net with a bunch of random hosts prepended. Things like: 6Gdb1QlP.f.proxypipe.net., mhl00ULG.e.proxypipe.net., clacqxlG.f.proxypipe.net., etc. I decided I would block all DNS requests that contained the “proxypipe.net” anywhere in the packet.

Comments on this entry are closed.