What is DNS amplification attack

DNS Amplification is a distributed denial of service (DDoS) attack , among , Attackers exploit the domain name system (DNS) Vulnerabilities in the server , Turn the initial small query into a large load , Achieve its purpose of destroying the victim server . DNS Amplification is a reflection attack , It can publicly access the domain name system through manipulation , With a large amount of UDP Drown a specific target . Using various amplification techniques , Attacker can ” Zoom in ” these UDP The size of the package , Make the attack powerful , It can even destroy the most powerful Internet infrastructure .

DNS Amplification is an asymmetrical DDoS attack , among , The attacker sends out a false target IP Smaller query requests , Make the deceived target bigger DNS The recipient of the response . Use these attacks , The attacker achieved his goal ： Saturate the network by continuously consuming bandwidth capacity .

You need to make sure you have something close to you ISP Get the emergency telephone number to contact at any time . such , Once such an attack occurs , You can immediately contact ISP contact , Let them filter out this attack upstream . To recognize this attack , You want to view the contents DNS Reply to a large number of communications ( Source UDP port 53), Especially look at those who have a lot DNS Recorded port . some ISP Sensors have been deployed throughout its network to detect various types of early mass communications . such , Yours ISP It's likely that you found and avoided this attack before you found it .

　　 Last , In order to prevent malicious people from using your DNS Server as implementation DNS Magnify the agent of the attack , You need to make sure you can access it from outside DNS The server only performs circular queries for your own network , Do not make such inquiries for any addresses on the Internet . Most of the major DNS The server has the ability to limit circular queries , therefore , They only accept queries from certain Networks , For example, your own network . By preventing the use of circular queries to load large harmful DNS Record , You can prevent your DNS The server becomes part of this problem .