This article will guide you on different methods to mitigate DNS amplification attack. Basically, DDoS attacks can really freeze websites or even cause server downtime.
DNS flood is a type of Distributed Denial of Service (#DDoS) attack in which the attacker targets one or more Domain Name System (DNS) servers belonging to a given zone, attempting to hamper resolution of resource records of that zone and its sub-zones.
A Domain Name Server (#DNS) Amplification attack is a popular form of Distributed Denial of Service (DDoS), in which attackers use publically accessible open DNS servers to flood a target system with DNS response traffic.
1. UDP reflection attacks exploit the fact that UDP is a stateless protocol.
2. An attacker then sends the UDP packet containing the spoofed source IP to an intermediate server.
3. The server is tricked into sending its UDP response packets to the targeted victim IP rather than back to the attacker's IP address.