Short Take – DNS Challenge And Response

DNS servers tend to be large and powerful machines with asymmetric traffic patterns. This leads to them being excellent tool for DDoS amplification attacks. In this Short Take, Russ takes a look at how DNS amplification works and some of the mitigating factors that can be taken to reduce the risk.

Russ White

One Comment

  1. Marcin
    March 17, 2020

    Hi Russ,

    [between 2:15 – 2:30]:
    > In other words, they don’t spoof a host requesting a DNS response from
    > a recursive server. In most attacks, the attacker uses a TLD or authoritative
    > server as their reflector.

    Do you have any numbers on how often that happens, i.e. attacks misusing resolvers vs. attacks misusing authoritative servers?

    Also, is there any research paper looking into this?

    Thank you!

Leave a Reply

Your email address will not be published. Required fields are marked *