DNS-based attacks have been on the rise recently.
Traditional firewalls leave port 53 open, because it is the default port for DNS queries. This leaves them vulnerable to DNS-based DDoS attacks such as amplification and reflection. Accurately detecting DNS-based attacks requires high compute performance, which is costly, so traditional protection is ineffective.
If the DNS service goes down, network-attached devices stop working. For companies, DNS vulnerabilities of this kind lead to loss of revenue, customer defection and negative brand impact.
Top DNS attacks to look out for:
1. Distributed Reflection DoS attack
2. Cache poisoning
3. TCP SYN floods
4. DNS tunneling
5. DNS hijacking
6. Basic NXDOMAIN attack
7. Phantom Domain attack
8. Random subdomain attack
9. Domain lock-up attack
10. Botnet-based attacks from CPE devices