
Advanced DNS Protection


DNS DDoS Attack

New Member
Posts: 1

Do you know how to block all DNS requests that do not correspond to any DNS record on Public DNS?

Re: DNS DDoS Attack

Superuser
Posts: 22

I know this is an old post, but I am curious what your intentions were. There is a standard DNS response code called "NXDOMAIN" (non-existent domain) that indicates this name is "not found" (think of it like the HTTP 404 code). If you want to, you can configure Infoblox ADP (Advanced DNS Protection) to not pass on anything that has an NXDOMAIN response. However, I am not sure what you are accomplishing here.

To the clients, they will ask for xyz.example.com (does not exist), and the response they will typically get is NXDOMAIN, and you can configure a custom response such as NODATA or something else. But the end result is the same, the client does not get an answer.

Perhaps you are interested in limiting who can query the DNS server? For example, who can ask your DNS server to look up xyz.example.com in the first place?
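The NXDOMAIN and NODATA outcomes mentioned in the reply above can be told apart from the 12-byte DNS header alone. The following is an added example, not part of the original reply and not Infoblox code; the function names and the sample messages are constructed for illustration.

```python
import struct
from collections import Counter

RCODE_NAMES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_response(qname, rcode, with_answer=False, txid=0x1234):
    """Constructed sample: minimal DNS response (header, question, optional A record)."""
    flags = 0x8000 | 0x0400 | (rcode & 0x000F)        # QR=1 (response), AA=1, RCODE
    header = struct.pack("!HHHHHH", txid, flags, 1, int(with_answer), 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in qname.split("."))
    msg = header + labels + b"\x00" + struct.pack("!HH", 1, 1)   # QTYPE=A, QCLASS=IN
    if with_answer:
        # Name pointer to offset 12, TYPE=A, CLASS=IN, TTL=60, RDATA=192.0.2.1
        msg += struct.pack("!HHHIH4B", 0xC00C, 1, 1, 60, 4, 192, 0, 2, 1)
    return msg

def classify(msg):
    """Return what the client effectively received, based on the 12-byte header."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    _txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if not flags & 0x8000:
        raise ValueError("message is a query, not a response")
    rcode = flags & 0x000F
    if rcode == 3:
        return "NXDOMAIN"            # the name does not exist
    if rcode == 0:
        # Simplification: any NOERROR with an empty answer section is counted
        # as NODATA; referrals are not distinguished here.
        return "ANSWER" if ancount else "NODATA"
    return RCODE_NAMES.get(rcode, "RCODE%d" % rcode)

def summarize(messages):
    """Count outcomes across a batch of responses."""
    return Counter(classify(m) for m in messages)

if __name__ == "__main__":
    batch = [
        build_response("xyz.example.com", 3),                    # constructed NXDOMAIN
        build_response("xyz.example.com", 0),                    # constructed NODATA
        build_response("www.example.com", 0, with_answer=True),  # constructed answer
    ]
    print(summarize(batch))
```

In both the NXDOMAIN and NODATA cases the answer count is zero, which is why the client ends up without an address either way.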
