How to prevent DNS flooding

IPS_User · ‎11-30-2011

I found that many DNS queries coming from Internet is sent to my DNS server every minutes. Although they query the valid domain name, the hostname is a fake & random generated value or the query type is ANY.

However, those traffic did not trigger any attack filter, and I am use 600 N series IPS, would you please tell me how I can prevent this attack?

cenk sasmaztin · ‎12-11-2011

please try

filter 1350,1351,1352,1353,1354,1355

cenk

IPS_User · ‎12-13-2011

Thank you for your information, Cenk Sasmaztin!

All your mentioned filters are enabled, but no triggered.

cenk sasmaztin · ‎12-15-2011

may be use snort rules for dns attack

download snort rules from snort web site and convert tipping point filter with dv converter tool

please watch my video

http://youtu.be/JatIvCv4zow

cenk

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

How to prevent DNS flooding

How to prevent DNS flooding

Re: How to prevent DNS flooding

Re: How to prevent DNS flooding

Re: How to prevent DNS flooding