That doesn't help, because there's no way to securely work out the sender of a UDP packet. The attacker just has to forge the source address on their UDP packets -- and if they forge it to be the *real* DNS server, then they might even trick you into blacklisting the real server.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds