Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
D
D
Denis Verbin2016-06-21 17:26:30
Domain Name System
Denis Verbin, 2016-06-21 17:26:30

How to protect bind from outgoing DDoS?

I remember a series of articles on Habré about a vulnerability in the bind DNS server, the essence of which is that an attacker sends thousands of requests to my bind substituting the victim's IP into the source address, and my DNS server, like thousands of those, sends responses to the victim's IP, organizing this DDoS attack.
Please tell me how to protect your bind from this, I can not find information about this.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
V
Vladimir Dubrovin, 2016-06-21
@rez0n

The attack is called DNS amplification, bind uses RRL to prevent it
https://kb.isc.org/article/AA-00994/0

Similar questions
I
Ilya Beloborodov2016-09-05 23:13:47
Setting up a mail server, what about records? 1Reply
E
exhang2019-02-10 18:43:42
What is the best way to implement a failover service? 1Reply
O
Oleg Tarakanov2014-09-03 10:51:37
How to properly use 2 channels? 2Reply
J
juffinhalli2014-09-03 13:15:39
Why are some of the responses from the internal DNS server empty (ServFail)? 2Reply
M
Maxim2014-09-04 14:26:16
Where is the cant in the DNS records? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question