ServerPronto HowTo Sales: 1-877-24-PRONTO   Live Chat   
Denial of Service Threat Posed by DNS Recursion
P1
Linux -> ISC BIND Name Server -> Denial of Service Threat Posed by DNS Recursion

<PREVIOUS

NEXT>

Denial of Service Threat Posed by DNS Recursion

About DoS Threat

Using spoofed recursive DNS requests to cause distributed denial of service (DDoS) attacks have increased. An attacker sends several thousand spoofed requests at a DNS server that allows recursion, sending a flood of DNS replies taking up space and data. If a DNS Server is misconfigured it can be used as a DNS recursion amplifier, allowing it to be used in a DDoS attack.

To Protect DNS Servers from Abuse

Restricting recursion and preventing DNS-based DoS attacks and cache poisoning by disabling the ability to send additional delegation information can be the first step to protecting DNS server abuse. 

<PREVIOUS

NEXT>