IP Address Blocking dialog
(Main window -> Tools menu -> IP Address Blocking)
Copyright © 1999-2008 JH Software ApS
IP Address Blocking dialog (Main window -> Tools menu -> IP Address Blocking) |
Simple DNS Plus v. 5.1 Copyright © 1999-2008 JH Software ApS |
|
Someone sending an extreme number of DNS requests in rapid succession may be a hacker trying to crash the server or prevent others from using the service.
You can use the functions in this dialog to automatically or manually block such hackers or IP addresses which for any reason run amok sending you DNS requests.
Please note that this feature does not block network traffic other than DNS requests - to block any other type traffic use a firewall.
If you enable automatic blocking, make sure to add any local computers and servers that you know may send a lot of DNS requests on the "Trusted IP Addresses" first.
Especially e-mail servers may send a lot of DNS requests to check the validity of incoming e-mails.
The "IP Address Blocking" dialog has 3 tabs:
| • | Auto Blocking |
| • | Automatically block IP addresses which send too many DNS requests too quickly (DOS attack) |
Use to enable/disable automatic blocking
| • | Max. DNS requests per second |
When an IP address sends more than this number of DNS requests in one second, it will be automatically be blocked (an entry will be added to list on the "Blocked IP Addresses" tab) and further requests from this IP address are ignored.
A typical workstation computer should not send more than 10-25 requests in one second, but we recommend you set this value to at least 30 so that no legitimate clients get blocked.
| • | Block |
Specify for how long automatic blocks should last (when/if the automatically added IP blocking should expire).
| • | Blocked IP Addresses List of IP addresses currently blocked. You can add, edit, and remove entries. When you add or edit an entry you can specify the IP address (single, range, or subnet) to block, for how long, and comments. To quickly remove multiple items from the list, you can hold down the Shift or Ctrl keys while selecting items and then click the "Remove" button. |
| • | Trusted IP Addresses List of IP addresses are trusted and will not be blocked automatically. You can add, edit, and remove entries. When you add or edit an entry you can specify the IP address (single, range, or subnet) to trust, for how long, and comments. To quickly remove multiple items from the list, you can hold down the Shift or Ctrl keys while selecting items and then click the "Remove" button. |
See also How to secure your server