hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : How to prevent DNS Flood
Reply

Forum Jump

How to prevent DNS Flood

Reply Post New Thread In Hosting Security and Technology Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old
Web Hosting Evangelist
 
Join Date: Apr 2006
Posts: 516

How to prevent DNS Flood


Can anyone share tips how to prevent DNS flood on a cPanel and Directadmin server platform on Centos?



Sponsored Links
  #2  
Old
Security Ninja
 
Join Date: Mar 2003
Location: Canada
Posts: 8,767
What kind of flood are you seeing here, just thousands of unrelated requests to your DNS server or a bunch SYN/UDP attacks directed at port 53?

__________________
Patrick William | RACK911 Labs | Software Security Auditing
300+ Vulnerabilities Found - Get a Quote @ http://www.RACK911Labs.com

www.HostingSecList.com - Security notices for the hosting community.

  #3  
Old
Web Hosting Master
 
Join Date: Oct 2007
Posts: 908
Do you have firewall installed ?

__________________
www.24x7servermanagement.com
Server Management, Server Security, Server Monitoring.
Offering Xen/KVM VPS Hosting !! Follow us on FaceBook


Sponsored Links
  #4  
Old
Security Ninja
 
Join Date: Mar 2003
Location: Canada
Posts: 8,767
Quote:
Originally Posted by Srv24x7 View Post
Do you have firewall installed ?
Depending on the attack, most (if not all) software firewalls are going to be utterly useless in regards to not filtering out legitimate DNS traffic. (Basically, everything will probably end up getting filtered just creating a whole mess...)

  #5  
Old
Junior Guru
 
Join Date: Oct 2007
Location: Kochi,INDIA
Posts: 186
Turn off recursion in your named.conf

http://www.webhostingtalk.com/archiv.../t-543883.html

__________________
cpXstack -GPL licensed nginX+PHP-FPM stack for Cpanel
cpHstack -GPL licensed Apache Event MPM +PHP-FPM stack for Cpanel
✉ info [at] piserve [dot] com ☏skype: sys-ally

  #6  
Old
Web Hosting Evangelist
 
Join Date: Apr 2006
Posts: 516
Quote:
Originally Posted by gnusys View Post
Turn off recursion in your named.conf

http://www.webhostingtalk.com/archiv.../t-543883.html
all my server has apf+bfd. others has csf.

so what i need to do is to disable recursion?

ok.. i'll try that out

  #7  
Old
Retired Moderator
 
Join Date: May 2006
Location: San Francisco
Posts: 7,188
Did disabling recursion fix it?

  #8  
Old
Junior Guru
 
Join Date: Mar 2006
Posts: 241
Attacks due to misconfiguration in named.conf work in the following manner,Attacker sends several thousand spoofed requests toa DNS server that allows recursion. The DNS server processes these requests as valid and then returns the DNS replies to the spoofed recipient . When the number of requests is in the thousands, the attacker could potentially generate a multi-gigabit flood of DNS replies.

__________________
LiquidSupport - A subsidiary of I-Fort Technologies (Pvt.) Ltd
Server Administration | Technical Support | Web Development


Last edited by Lsupport; 05-29-2008 at 12:45 AM. Reason: typo
Reply

Related posts from TheWhir.com
Title Type Date Posted
Waxman Offers Hybrid Plan to Keep Broadband Providers Happy While Protecting Net Neutrality Web Hosting News 2014-10-06 14:31:53
Washington Mulls Visa Restrictions to Prevent Chinese Nationals from Attending Popular US Hacking Conferences Web Hosting News 2014-05-27 11:15:49
Black Lotus Identifies DDoS Attack Trends in New Report Web Hosting News 2014-01-31 16:20:13
Google, Microsoft Create Algorithm to Block Child Abuse Search Terms Web Hosting News 2013-11-18 14:59:58
Prolexic Mitigates DDoS Attacks on Henyep Financial Trading Sites Web Hosting News 2013-01-24 11:36:11


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
WHT Host Brief Email:

We respect your privacy. We will never sell, rent, or give away your address to any outside party, ever.

Advertisement:
Web Hosting News:
WHT Membership
WHT Membership



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?