Stop Feeding the Pizza DDoS DNS Attack

 A couple of weeks ago the Internet was put-down by an attack on a core Internet service, the domain name system (DNS). As the Internet is a globally shared common resource we must all, as a community, take steps to prevent malicious actors from successfully DDoSing key critical Internet infrastructure and services.To all the IT Security,...

Read More

BIND Best Practices - Authoritative

 1) Run BIND on a server dedicated to DNS only.Reasons include:Minimized risk of impact to DNS services as a result of other applications consuming server resources (perhaps due to an attack on those services, or due to application error).Conversely, minimized risk to other applications as a result of BIND consuming all system or network resources.Reduced likelihood of unauthorized access to the DNS server (e.g. via a code...

Read More

Blocking DNS requests via IPTables

 IPTables has to be one of the tools that I use the most on my day to day work. The default firewall tool chain on Linux has a lot of options to filter pretty much any traffic you wish.In this article we will show you how to block DNS requests (domain names + request types) via IPTables. Enjoy!Understanding DNSDNS is binary protocol, where the domain name and the record type (A, AAAA, MX) are all encoded into the DNS query,...

Read More