Hi, HamWAN has been used as a DNS amplifier in a DDoS attack. I'm tied up with acquiring some chip fab gear the next couple days (yay!). Can I ask you guys with net ops access to go through the whole network and disable DNS service everywhere? Example of problem: eo@jo ~ $ dig @44.24.240.133 google.com. A +recurse ; <<>> DiG 9.9.2 <<>> @44.24.240.133 google.com. A +recurse ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65363 ;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;google.com. IN A ;; ANSWER SECTION: google.com. 300 IN A 173.194.33.70 google.com. 300 IN A 173.194.33.66 google.com. 300 IN A 173.194.33.69 google.com. 300 IN A 173.194.33.65 google.com. 300 IN A 173.194.33.68 google.com. 300 IN A 173.194.33.72 google.com. 300 IN A 173.194.33.73 google.com. 300 IN A 173.194.33.64 google.com. 300 IN A 173.194.33.71 google.com. 300 IN A 173.194.33.67 google.com. 300 IN A 173.194.33.78 ;; Query time: 51 msec ;; SERVER: 44.24.240.133#53(44.24.240.133) ;; WHEN: Sat Oct 12 22:56:37 2013 ;; MSG SIZE rcvd: 204 PS: We gotta get some automation up in here for config control. --Bart