DNS Query Flood is a type of DDoS attack that belongs to the application attacks family. During the attack, the attacker sends a succession of UDP packets to a DNS server in attempt to exhaust server-side assets such as CPU or memory. By that. the attack prevent the server from direct legitimate requests to zone resources.
Not like DNS amplification attack that wish to exhausting bandwidth capacity and by that saturate the network, the DNS quert attack hurts the server itself.
Relying on UDP protocol, makes the packets information easy to spoofing (IP, data size ect.). Hence, this attack traffic is hard to distinguish from legitimate one and hard to mitigate.
ARE YOU READY ?
Answer seven online questions and get a free report assessing your protection status with recommendations for improvement