On Sat, 2009-01-24 at 07:21, Chris McDonald wrote:
We [AS3491] null0'd the IP earlier. Rest-of-world encouraged to do the same :/
Wrong approach, they are *innocent* in this as are the new targets.
insert into your favourite acl:
deny udp host 126.96.36.199 neq 53 any eq 53
deny udp host 188.8.131.52 neq 53 any eq 53
But it's much less work to add a filter on the name server as others