Find an IT Download

Protecting DNS Servers from Denial of Service Threats

Distributed denial of server (DDoS) using spoofed recursive DNS requests are on the rise. These recommendations can help prevent DNS-based attacks, as well as cache poisoning.

505 KB | 3 files | null PDF

Typically, DNS servers only provide DNS services to machines within a trusted domain. Restricting recursion and disabling the ability to send additional delegation information can help prevent DNS-based DoS attacks and cache poisoning. It can also improve performance on your network by reducing the vulnerability of your DNS servers to use as a reflector in such an attack. The following US-CERT recommendations provide guidance on mitigating this threat.

Included in this ZIP file are:

  • Intro Page.pdf
  • Terms and Conditions.pdf
  • The Continuing Denial of Service Threat Posed by DNS Recursion.pdf


Recent IT Downloads
Building a GRC Program: Assessing Stakeholder Needs and Readiness

This table outlines the top needs of each stakeholder group that can help guide your conversat...Read More

Recent IT Downloads
Guide to Cyber Threat Information Sharing

This publication provides guidelines for establishing and participating in cyber threat inform...Read More

Recent IT Downloads
Colocation Checklist

This checklist will help make sure you ask the important questions that will affect your coloc...Read More

Recent IT Downloads
Trustworthy Email

This document provides recommendations and guidelines for enhancing trust in email, including ...Read More