DNS Amplification Attack
A Domain Name Server (DNS) amplification attack is a popular form of distributed denial of service (DDoS) that relies on the use of publicly accessible open DNS servers to overwhelm a victim system with DNS response traffic. It is a type of reflection attack which manipulates publicly accessible domain name systems, making them flood a target with large quantities of UDP packets. Using various amplification techniques, perpetrators can “inflate” the size of these UDP packets, making the attack so potent as to bring down even the most robust Internet infrastructure.

There are two criteria for a good amplification attack vector: 1) the query can be sent with a spoofed source address (e.g., via a protocol like ICMP or UDP that does not require a handshake); and 2) the response to the query is significantly larger than the query itself. DNS is a core, ubiquitous Internet platform that meets these criteria and therefore has become the largest source of amplification attacks.

The attacker sends a DNS look-up request using the spoofed IP address of the target to vulnerable DNS servers. Most commonly, these are DNS servers that support open recursive relay. The original request is often relayed through a botnet for a larger base of attack and further concealment. The DNS request is sent using the EDNS0 extension to the DNS protocol, allowing for large DNS messages. It may also use the DNS security extension (DNSSEC) cryptographic feature to add to the size of the message.

These amplifications can increase the size of the requests from around 40 bytes to above the maximum Ethernet packet size of 4000 bytes. This requires they be broken down for transmission and then reassembled, requiring further target network resources. A botnet's many amplified requests enable an attacker to direct a large attack with little outgoing bandwidth use. The attack is hard to protect against as it comes from valid-looking servers with valid-looking traffic. It is very hard to identify if it’s an attack or a legitimate request.
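One defender-side heuristic for the identification problem described above, as an added example that is not part of the original post: at the victim's network edge, a legitimate DNS response answers a query the host actually sent, while a reflected response does not. The flow-record format, the sample records, and the `window` and `min_bytes` thresholds are assumptions made for illustration; records are expected in time order.

```python
from collections import defaultdict

# Constructed flow records, not real traffic (RFC 5737 documentation addresses).
# Columns: time_s src_ip src_port dst_ip dst_port bytes
SAMPLE_FLOWS = """\
0.00 192.0.2.10 40000 198.51.100.53 53 60
0.02 198.51.100.53 53 192.0.2.10 40000 180
1.00 203.0.113.5 53 192.0.2.10 31337 3900
1.01 203.0.113.6 53 192.0.2.10 31337 4000
1.02 203.0.113.7 53 192.0.2.10 31337 3950
1.03 203.0.113.5 53 192.0.2.10 31337 3900
"""

def parse(text):
    """Yield (time, src, sport, dst, dport, size) tuples from the sample format."""
    for line in text.splitlines():
        if line.strip():
            ts, src, sport, dst, dport, size = line.split()
            yield float(ts), src, int(sport), dst, int(dport), int(size)

def find_reflection(flows, window=5.0, min_bytes=10000):
    """Map each host to (unsolicited DNS response bytes, sorted reflector IPs)."""
    pending = {}                            # (client, port, resolver) -> query time
    hits = defaultdict(lambda: [0, set()])
    for ts, src, sport, dst, dport, size in flows:
        if dport == 53:                     # outbound query: remember it
            pending[(src, sport, dst)] = ts
        elif sport == 53:                   # response: was it asked for?
            asked = pending.pop((dst, dport, src), None)
            if asked is None or ts - asked > window:
                hits[dst][0] += size
                hits[dst][1].add(src)
    # Report only hosts whose unsolicited volume crosses the threshold.
    return {h: (b, sorted(r)) for h, (b, r) in hits.items() if b >= min_bytes}

if __name__ == "__main__":
    for host, (nbytes, reflectors) in find_reflection(parse(SAMPLE_FLOWS)).items():
        print(f"{host}: {nbytes} unsolicited DNS bytes from {len(reflectors)} resolvers")
```

The answered query at 0.00 is matched and ignored; the four large responses that no query asked for are what get counted against 192.0.2.10.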

A simple example of a DNS amplification attack

For this we need a DNS attack script. Download the dnsdrdos.c script from GitHub.

Copy the script and save it; here I keep the same name. When saving the script, remove everything from the file that is not part of the script, because compiling a file that contains other text will cause a lot of errors.

Compile the script:

gcc dnsdrdos.c -o dnsdrdos.o -Wall -ansi

This compiles the C file into an executable.

Create a list of DNS servers in a file. For this, go to any free DNS server list and copy the addresses one by one (only one IP should be present on each line).

To attack, type in the terminal:

./dnsdrdos.o -f Dnsfilelist.txt -s -l

Here:
f selects the file that we created for the DNS server IPs
s is the source IP, that is, the targeted IP
l is the loop, that is, the number of times we need the request to go

This will flood the targeted IP with lots of DNS requests, thereby slowing down the internet, depending upon the threshold of the connection. Nowadays every router has a built-in QoS facility; by enabling this facility we can control these attacks to some extent.