Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

Advanced DNS Protection

Reply

DNS DDoS Attack

New Member
Posts: 1
2528     0

Do you know how to block all DNS requests that do not correspond to any DNS record on Public DNS ?

Re: DNS DDoS Attack

Superuser
Posts: 20
2529     0

I know this is an old post, but I am curious what your intentions were. There is a standard DNS response code called "NXDOMAIN" (non-existent domain) that indicates this name is "not found" (think of it like the HTTP 404 code). If you want to, you can configured Infoblox ADP (Advanced DNS Protection) to not pass on anything that has a NXDOMAIN response. However, I am not sure what you are accomplishing here.

 

To the clients, they will ask for xyz.example.com (does not exist), and the response they will typically get is NXDOMAIN, and you can configured a custom response such as NODATA or something else. But the end result is the same, the client does not get an answer.

 

Perhaps you are interested in limiting who can query the DNS server? For example, who can ask your DNS server to look up xyz.example.com in the first place?

Showing results for 
Search instead for 
Did you mean: 

Recommended for You