DDoS Glossary

DNS Reflected Amplification Flood

DNS Reflected Amplification Flood is a type of DDoS attack that belongs to the application attacks family. During the attack, the attacker exploits a vulnerability in publicly accessible Domain Name System (DNS) servers to flood the target with a large number of UDP packets. This attack has two main features:

Amplification: Using those DNS servers and various amplification techniques, the attacker can turn small requests into much larger responses, which can easily bring down the victim’s server. For example, a single request with the “ANY” query type returns all known information about a DNS zone.

Reflection: Directing the resulting traffic at the victim is possible because DNS servers use the UDP protocol. UDP is connectionless, which makes it easy for the attacker to spoof the source IP address of a request and change it to the target IP, so the server sends its response to the victim.
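
The following is an added example, not part of the original glossary entry, showing how a resolver operator could look for both features in query logs: a source address that sends many “ANY” queries and receives far more bytes than it sends is likely a spoofed victim address. The log layout, thresholds and function names are assumptions, and the records are constructed using documentation address ranges.

```python
from collections import defaultdict

# Constructed resolver log records (not real traffic):
# (source IP as seen by the resolver, query type, query bytes, response bytes)
SAMPLE_LOG = (
    [("203.0.113.10", "ANY", 64, 3200)] * 40   # spoofed source, i.e. the victim
    + [("198.51.100.7", "A", 60, 92)] * 40     # ordinary client
    + [("198.51.100.8", "ANY", 64, 3100)] * 2  # occasional ANY lookups
)

def summarize(records):
    """Aggregate per-source query count, bytes in/out and ANY-query count."""
    stats = defaultdict(lambda: {"queries": 0, "q_bytes": 0, "r_bytes": 0, "any": 0})
    for src, qtype, q_bytes, r_bytes in records:
        s = stats[src]
        s["queries"] += 1
        s["q_bytes"] += q_bytes
        s["r_bytes"] += r_bytes
        s["any"] += qtype == "ANY"
    return stats

def likely_reflection_targets(records, min_queries=20, min_factor=10.0,
                              min_any_share=0.5):
    """Return {source_ip: amplification_factor} for sources that look like
    spoofed victims: many queries, mostly ANY, and a large response/query
    byte ratio. Thresholds are illustrative assumptions, to be tuned per
    resolver."""
    flagged = {}
    for src, s in summarize(records).items():
        # Amplification factor = bytes sent toward the source / bytes received
        factor = s["r_bytes"] / s["q_bytes"] if s["q_bytes"] else 0.0
        any_share = s["any"] / s["queries"]
        if (s["queries"] >= min_queries and factor >= min_factor
                and any_share >= min_any_share):
            flagged[src] = round(factor, 1)
    return flagged

if __name__ == "__main__":
    for ip, factor in likely_reflection_targets(SAMPLE_LOG).items():
        print(f"{ip}: responses are {factor}x the query bytes; "
              "candidate for response rate limiting")
```
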