DNS amplification DoS attacks
A Domain Name System (DNS) amplification attack exploits open DNS resolvers by sending them a spoofed query for all record types of a given domain. The attack becomes more effective when it is combined with a DDoS component, that is, when requests are sent to multiple open resolvers simultaneously.
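As an added example (not part of the original recipe), here is a defender-side check that a resolver operator could run over query logs. It flags claimed source addresses that are sent many ANY responses far larger than the queries that triggered them, which is the traffic pattern described above. The log format, field order and thresholds are assumptions made up for this example.

```python
from collections import defaultdict

# Constructed sample records (not from the page): a resolver query log as
# "epoch_seconds client_ip qname qtype query_bytes response_bytes".
# The client IP is whatever the packet claimed, so under spoofing it is the victim.
SAMPLE_LOG = """\
1700000000 192.0.2.10 example.com A 40 56
1700000001 198.51.100.7 example.com ANY 40 3100
1700000001 198.51.100.7 example.com ANY 40 3100
1700000002 198.51.100.7 example.com ANY 40 3100
1700000002 192.0.2.10 example.com MX 40 120
1700000003 198.51.100.7 example.com ANY 40 3100
1700000004 203.0.113.5 example.com ANY 40 3100
1700000130 192.0.2.10 example.com ANY 40 3100
"""

def parse(log):
    """Yield (ts, client, qtype, query_bytes, response_bytes) per valid line."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue  # skip malformed lines rather than crash the detector
        ts, client, _qname, qtype, qlen, rlen = parts
        yield int(ts), client, qtype.upper(), int(qlen), int(rlen)

def find_reflection_victims(log, window=60, min_any=3, min_factor=10.0):
    """Return {client: amplification_factor} for clients that, within one
    fixed window, were sent >= min_any ANY responses whose total size is
    >= min_factor times the total size of the queries that triggered them."""
    buckets = defaultdict(lambda: [0, 0, 0])  # (client, window) -> count, q, r
    for ts, client, qtype, qlen, rlen in parse(log):
        if qtype != "ANY":
            continue
        b = buckets[(client, ts // window)]
        b[0] += 1
        b[1] += qlen
        b[2] += rlen
    flagged = {}
    for (client, _win), (count, qbytes, rbytes) in buckets.items():
        factor = rbytes / qbytes if qbytes else 0.0
        if count >= min_any and factor >= min_factor:
            flagged[client] = max(factor, flagged.get(client, 0.0))
    return flagged

if __name__ == "__main__":
    for client, factor in find_reflection_victims(SAMPLE_LOG).items():
        print(f"{client}: ANY responses {factor:.1f}x larger than queries")
```

A flagged address is the likely target of reflected traffic rather than its origin, so the useful follow-up is on the resolver itself: restrict recursion to known clients or rate-limit responses.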
Getting ready
To simulate a DNS amplification attack, you will need to either have a local nameserver or know the IP address of an open and publicly accessible nameserver. In the examples provided, an installation of Ubuntu is used as a scan target. For more information on setting up Ubuntu, refer to the Installing Windows Server recipe in Chapter 1, Getting Started.
How to do it…
To perform a DNS amplification attack, follow the given steps:
- In order to understand how DNS amplification works, one can use a basic DNS query utility such as host, dig, or nslookup:
- By performing a request for all record types associated with a well-established domain, you will notice that some...