Ask your upstream provider to filter them. If they won't, filter
them at your router or firewall. If the IP's are inside the
firewall, go turn those computers off



On Feb 23, 2007, at 12:32 PM, Nick Allum wrote:

> Just had a quick question, at the Bind Level, if there was a possible
> Denial of Service coming from only a handful of ip address, would I be
> able just to use an ACL to deny these or will my servers still be
> flooded as it has to process the ACL?
> Of what would be the quickest and easiest way to reduce the effect of
> some type of Denial of Service where I am getting large quantaties of
> requests from the same group of IPS.
>
>
> Thanks