http://www.rfc-editor.org/rfc/rfc5358.txt
RFC 5358: Preventing Use of Recursive Nameservers in Reflector Attacks, J. Damas, F. Neves2008-10-01T23:00:00-00:00This document describes ways to prevent the use of default configured recursive nameservers as reflectors in Denial of Service (DoS) attacks. It provides recommended configuration as measures to mitigate the attack. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.