DNS amplification attack

Not so long ago there were reports of DNS servers being used for amplification attacks. A DNS amplification attack is one where the response is X times larger than the query. This is mostly, if not always, done by using the EDNS0 DNS protocol extension, or by DNSSEC, which uses certain cryptographic features. Through these means and others, a DNS request of 60 bytes can be set up to get a response of 4000 bytes. In this scenario we get a 70:1 amplification vector.
This type of attack is often seen in conjunction with botnets, where spoofed requests are sent from unknowing participants and no one is the wiser. Done with enough “bots”, the results can be devastating for the targeted server/host.


Think of the targeted host/server as a shop with one entrance door. If the store (in this case the targeted system) is capable of handling 100 customers per minute and all of a sudden 10 000 show up, the doorway is clogged, no customers are served and the shop is closed.

A DNS amplification can be broken down into four steps:

The attacker uses a compromised endpoint to send UDP packets with spoofed IP addresses to a DNS recursor. The spoofed address on the packets points to the real IP address of the victim.

Each one of the UDP packets makes a request to a DNS resolver, often passing an argument such as “ANY” in order to receive the largest response possible.

After receiving the requests, the DNS resolver, which is trying to be helpful by responding, sends a large response to the spoofed IP address.

The IP address of the target receives the response and the surrounding network infrastructure becomes overwhelmed with the deluge of traffic, resulting in a denial-of-service.
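
Seen from the resolver operator's side, the four steps above leave a recognisable trace: one "client" address sends many small ANY queries and is sent far more bytes than it asked with, and that address is the spoofed victim, not the attacker. The following is an added example, not part of the original post; the log format, the addresses and the thresholds are constructed assumptions, with the 60-byte and 4000-byte sizes taken from the text.

```python
from collections import defaultdict

# Constructed sample records in a hypothetical format:
# client_ip qtype query_bytes response_bytes (documentation-range addresses)
SAMPLE_LOG = """\
198.51.100.7 ANY 60 4000
198.51.100.7 ANY 60 4000
198.51.100.7 ANY 60 4000
198.51.100.7 ANY 60 4000
203.0.113.20 A 45 61
203.0.113.20 AAAA 45 73
203.0.113.21 ANY 60 4000
203.0.113.22 MX 48 120
"""

def summarize(log_text):
    """Aggregate per-client query count, bytes in, bytes out and ANY count."""
    stats = defaultdict(lambda: {"queries": 0, "in": 0, "out": 0, "any": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not (parts[2].isdigit() and parts[3].isdigit()):
            continue  # skip malformed records
        ip, qtype, q_bytes, r_bytes = parts
        s = stats[ip]
        s["queries"] += 1
        s["in"] += int(q_bytes)
        s["out"] += int(r_bytes)
        s["any"] += qtype.upper() == "ANY"
    return stats

def flag_reflection_targets(log_text, min_queries=3, min_factor=10.0,
                            min_any_share=0.8):
    """Return {client_ip: amplification_factor} for likely spoofed victims.

    The thresholds are illustrative assumptions, not tuned values.
    """
    flagged = {}
    for ip, s in summarize(log_text).items():
        if s["in"] == 0:
            continue  # avoid dividing by zero on empty queries
        factor = s["out"] / s["in"]        # bytes sent per byte received
        any_share = s["any"] / s["queries"]
        if (s["queries"] >= min_queries and factor >= min_factor
                and any_share >= min_any_share):
            flagged[ip] = round(factor, 1)
    return flagged

if __name__ == "__main__":
    for ip, factor in flag_reflection_targets(SAMPLE_LOG).items():
        print(f"{ip}: ~{factor}:1 amplification, likely a spoofed victim address")
```

A flagged address is a candidate for rate limiting or for notifying its owner, since blocking it only stops the resolver from hitting the victim and says nothing about where the spoofed packets really came from.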

So what does a real-world DNS amplification attack look like?

A YouTube video of a practical demo; it's an older video but still great for learning about this type of attack.
I personally find it much easier to grasp something if I can play around with it. It's easy to read about some fancy concept in theory. But I find myself understanding it in a whole new way when I get “hands” on with it.
