Help about DNS documentation

Amaury Van Pevenaeyge avanpevenaeyge at outlook.fr
Fri Nov 3 15:20:50 UTC 2023


Hello everyone,

I'm currently a final year Master's student at the Free University of Brussels. As part of my Master's thesis, I have to implement a DNS amplification scenario within a Cyber Range. However, before achieving this final goal, I first need to make amplification rate measurements within a virtual machine system. I therefore have a few questions about the DNS protocol and DNS servers.


  *   Why do some DNS servers respond via TCP to an ANY query made over UDP? I have read in RFC 8482 that modern DNS servers try to limit responses to ANY queries in order to limit the impact of their use in DNS amplification attacks, but I would like to learn more about the security measures/best practices currently in place for this type of query and for big TXT responses. Does anyone have any sources or other RFCs that might be useful?



  *   Would you have any advice/recommendations or sources on the legal framework to be respected for my Master's thesis, so that I can carry out my various measures without being illegal or alerting certain entities?



  *   Would you have any articles, research or other sources about the DNS protocol, DNS protocol security or good research practices for DNS amplification attacks?


Thank you in advance for your help. I remain at your disposal should you have any questions.