Results 1 to 8 of 8
Thread: How to prevent DNS Flood
-
05-28-2008, 10:22 AM #1Web Hosting Evangelist
- Join Date
- Apr 2006
- Posts
- 516
How to prevent DNS Flood
Can anyone share tips how to prevent DNS flood on a cPanel and Directadmin server platform on Centos?
-
05-28-2008, 11:28 AM #2Web Hosting Master
- Join Date
- Mar 2003
- Location
- Canada
- Posts
- 9,072
What kind of flood are you seeing here, just thousands of unrelated requests to your DNS server or a bunch SYN/UDP attacks directed at port 53?
RACK911 Labs | Penetration Testing | https://www.RACK911Labs.ca
www.HostingSecList.com - Security Notices for the Hosting Community.
-
05-28-2008, 11:40 AM #3Web Hosting Master
- Join Date
- Oct 2007
- Posts
- 2,349
Do you have firewall installed ?
www.24x7servermanagement.com
Server Management, Server Security, Server Monitoring.
India's Leading Managed Service Provider !! Skype: techs24x7
-
05-28-2008, 11:42 AM #4Web Hosting Master
- Join Date
- Mar 2003
- Location
- Canada
- Posts
- 9,072
-
05-28-2008, 01:22 PM #5Web Hosting Master
- Join Date
- Oct 2007
- Location
- 9.9N 76.2E , Planet Earth
- Posts
- 1,003
Turn off recursion in your named.conf
http://www.webhostingtalk.com/archiv.../t-543883.html∞A U T O M 8 N . C O M
High Available webstack for cPanel
Active-Active redundancy and High Availability plugin for cPanel
-
05-28-2008, 09:19 PM #6Web Hosting Evangelist
- Join Date
- Apr 2006
- Posts
- 516
-
05-29-2008, 12:07 AM #7Retired Moderator
- Join Date
- May 2006
- Location
- San Francisco
- Posts
- 7,325
Did disabling recursion fix it?
-
05-29-2008, 12:44 AM #8Junior Guru
- Join Date
- Mar 2006
- Posts
- 241
Attacks due to misconfiguration in named.conf work in the following manner,Attacker sends several thousand spoofed requests toa DNS server that allows recursion. The DNS server processes these requests as valid and then returns the DNS replies to the spoofed recipient . When the number of requests is in the thousands, the attacker could potentially generate a multi-gigabit flood of DNS replies.
Last edited by Lsupport; 05-29-2008 at 12:45 AM. Reason: typo
LiquidSupport - A subsidiary of I-Fort Technologies (Pvt.) Ltd
Server Administration | Technical Support | Web Development