Prevent DNS DoS attack
Hi All,
I have configured a DNS server on my RHEL 5.0 machine. I have just come across a term Denial-of-Service attack (DoS attack) or Distributed Denial-of-service attack (DDoS attack). Just for learning purpose, could you please guide how can I prevent my DNS server from DoS attacks. Any links, docs would be sufficient. :) Thanks in advance. |
Well the first things are to make sure you don't allow zone transfers except from your slaves and then to make sure you only allow recursive queries from you internal network.
After that you'll have to specify what kind of DOS attack you're being plagued with because most of it should be legitimate requests at that point. Regards, Alunduil |
Quote:
|
Quote:
|
Quote:
If you don't mind I'll suggest that you should do a little more research and background reading to stay on top of the security situation, because if this is the first time that you've heard about DoS attacks, there could be a lot of other stuff that you are missing. Quote:
Now, what does this server do? does it just give you name services for an internal network? If so, you are concerned about DoS (or DDoS) attacks from your internal network. This does not seem like the most likely interpretation of your concerns, but it would help clarity for you to confirm or deny it. Possibly, your DNS server only caches name responses from the internet. This would be a more likely thing to cause legitimate and reasonable concern. In this case, you would have a firewall between your DNS server and the internet. You should, therfore, be able to take measures in you firewall to protect your DNS server. What is this firewall? Or maybe the DNS box does both? Or maybe you have a master and slave(s)? Or a redundant failover system? And what software are you using for DNS? If you want the best answer for your situation, please provide all of the information, otherwise people are likely to give you sub-optimal answers. OK, I'll take you literally and supply this link. You didn't seem to have an interest, but you did say that "Any links, docs would be sufficient." And it will give you something else to think about. |
Quote:
|
All times are GMT -5. The time now is 05:53 PM. |