DNS DDOS Mitigation Update

I posted on the DNS DDOS attacks here and here.

I realize I left out one of the prudent steps all organizations should enforce as part of their Network Security Policy:

  • Only allow your internal clients to talk to your own DNS servers. This negates the situation where they are compromised (botted) and used as part of a DNS DDOS.
  • If you have IT support people who may need to do direct DNS queries against other DNS servers on the internet as part of a troubleshooting function, either allow them explicitly, or set up a test/support machine that allows unfettered DNS queries (but requires explicit access authorization).
  • Audit this policy and exceptions to it on a semi-annual basis.
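As an added example (not from the original post), here is a small audit script that applies the policy above to constructed flow records: it flags internal hosts sending DNS to anything other than the organization's own resolvers and separately lists the explicitly authorized support host. The resolver addresses, the exception host and the flow records are all hypothetical.

```python
import ipaddress
from collections import Counter

# Policy from the post, with constructed values: internal clients may query
# only our own resolvers; the support/test host is the one explicit exception.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
OWN_RESOLVERS = {"10.0.0.53", "10.0.1.53"}
DNS_EXCEPTION_HOSTS = {"10.0.9.10"}   # hypothetical support/test machine

# Constructed flow records (e.g. from a firewall or NetFlow export): "src dst dport proto"
SAMPLE_FLOWS = """\
10.0.5.21 10.0.0.53 53 udp
10.0.9.10 8.8.8.8 53 udp
10.0.5.22 8.8.8.8 53 udp
10.0.5.22 1.1.1.1 53 udp
10.0.5.22 1.1.1.1 53 udp
10.0.5.23 10.0.0.53 53 udp
10.0.5.23 198.51.100.7 443 tcp
"""

def classify(src, dst, dport, proto):
    """Return 'allowed', 'exception', 'violation' or 'ignored' for one flow."""
    if dport != 53 or proto not in ("udp", "tcp"):
        return "ignored"           # not DNS; outside this policy's scope
    if ipaddress.ip_address(src) not in INTERNAL_NET:
        return "ignored"           # only internal clients are in scope
    if dst in OWN_RESOLVERS:
        return "allowed"
    if src in DNS_EXCEPTION_HOSTS:
        return "exception"         # permitted, but should show up in the audit
    return "violation"

def audit(flow_text):
    """Parse flow records and count violations and exceptions per source host."""
    violations = Counter()
    exceptions = Counter()
    for line in flow_text.strip().splitlines():
        src, dst, dport, proto = line.split()
        verdict = classify(src, dst, int(dport), proto)
        if verdict == "violation":
            violations[src] += 1
        elif verdict == "exception":
            exceptions[src] += 1
    return {"violations": dict(violations), "exceptions": dict(exceptions)}

if __name__ == "__main__":
    report = audit(SAMPLE_FLOWS)
    for host, n in sorted(report["violations"].items()):
        print(f"VIOLATION {host}: {n} DNS queries to non-corporate resolvers")
```

Hosts in the violations list are either misconfigured or worth a closer look for bot activity; the exceptions list is what the semi-annual audit reviews.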

Also, via Digg, here is an additional article on DNS DDOS.
