Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
D
D
Denis Verbin2016-06-21 17:26:30
Domain Name System
Denis Verbin, 2016-06-21 17:26:30

How to protect bind from outgoing DDoS?

I remember a series of articles on Habré about a vulnerability in the bind DNS server, the essence of which is that an attacker sends thousands of requests to my bind substituting the victim's IP into the source address, and my DNS server, like thousands of those, sends responses to the victim's IP, organizing this DDoS attack.
Please tell me how to protect your bind from this, I can not find information about this.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
V
Vladimir Dubrovin, 2016-06-21
@rez0n

The attack is called DNS amplification, bind uses RRL to prevent it
https://kb.isc.org/article/AA-00994/0

Similar questions
A
Alexander2019-08-25 23:53:11
Is it safe to use a secret subdomain for the dev version of a project? 1Reply
M
Maxim Romashko2017-03-31 16:29:22
What is the bug in bind9 [debian]? 1Reply
S
Shagj2017-03-31 19:27:24
Premium DNS is it worth it? 4Reply
V
Valentin2015-04-08 14:49:52
Windows 7 won't resolve hosts. How to diagnose the cause? 2Reply
A
Andrey Raboy2015-04-11 23:06:45
How to configure DNS on Win Server 2008 for the entire network? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question