DDoS Glossary

DNS Reflected Amplification Flood

DNS Reflected Amplification Flood is a type of DDoS attack that belongs to the application attacks family. During the attack, the attacker exploites a vulnerability in publically-accessible domain name systems (DNS) to flood the target with large number of UDP packets. This attack has two main features:

Amplification: Using those DNS servers and various amplification techniques the attacker can turn initially small requests into much larger one, who will easilly bring down the victim's server. For example, using one request of "ANY" query type, will return all known information about a DNS zone.

Reflection: Targeting the requests to the victim property is possible due to the fact that DNS servers use UDP protocol. As known, this protocol is connectionless what make it easy for the attacker to spoof the IP address and change it to the target IP.

These two features make the attack fatal by easily overwhelm the victim who will difficult to trace the attacker identity and destination.

vDTP 05


Answer seven online questions and get a free report assessing your protection status with recommendations for improvement