I thought I would post here to see if anyone else is seeing this. I work for a small Telco/ISP. We just had an issue come up in the past few hours (now that people are getting home from work / school and getting on online). There is a massive amount of incoming traffic to port 53 to a large number of users on our network. To the point where our normal load to our DNS servers is about 2 or 3Mbps. there is about 150Mbps worth of traffic using that port coming into our customer base.
We cut this off for the time being by just setting up a rule to block port 53 toward our customers.
I am not finding anything about a new zero day exploit for anything so thought I would see if anyone else know about anything or is seeing anything like their on their networks.
We cut this off for the time being by just setting up a rule to block port 53 toward our customers.
I am not finding anything about a new zero day exploit for anything so thought I would see if anyone else know about anything or is seeing anything like their on their networks.