Help about DNS documentation

Andrew Latham lathama at gmail.com
Fri Nov 3 15:34:42 UTC 2023 

* Commonly when an answer to a query is larger than UDP should handle, a
switch to TCP is required. This can be configurable and done in unexpected
ways to thwart DDOS
* I do not know of any laws specifically mentioning DNS. General computer
system/network laws could apply.
* I think there would be some demonstrations out there. I searched for
`github dns amplification attack` and saw many.

On Fri, Nov 3, 2023 at 9:21 AM Amaury Van Pevenaeyge <
avanpevenaeyge at outlook.fr> wrote:

> Hello everyone,
>
>
>
> I'm currently a final year Master's student at the Free University of
> Brussels. As part of my Master's thesis, I have to implement a DNS
> amplification scenario within a Cyber Range. However, before achieving this
> final goal, I first need to make amplification rate measurements within a
> virtual machine system. I therefore have a few questions about the DNS
> protocol and DNS servers.
>
>
>
>    - Why do some DNS servers respond via TCP to an ANY query made under
>    UDP? I have read in RFC8482 that modern DNS servers try to limit responses
>    to ANY queries in order to limit the impact of their use in DNS
>    amplification attack but I would like to learn more about the security
>    measures/best practices currently in place for this type of query and for
>    big TXT responses. Does anyone have any sources or other RFCs that might be
>    useful?
>
>
>
>    - Would you have any advice/recommendations or sources on the legal
>    Framework to be respected for my Master’s thésis, so that I can carry out
>    my various measures without being illegal or alerting certain entities?
>
>
>
>    - Would you have some articles and researches or others about DNS
>    protocol, DNS protocol security or good research practices for DNS
>    amplification attacks?
>
>
>
> Thank you in advance for your help. I remain at your disposal should you
> have any questions.
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>


-- 
- Andrew "lathama" Latham -
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20231103/511eecca/attachment-0001.htm>

More information about the bind-users mailing list