[dns-operations] solutions for DDoS mitigation of DNS
frank at louwers.be
Thu Apr 2 07:15:36 UTC 2020
>> May I ask if there are any solutions for DDoS mitigation of DNS?
> All solutions that were mentioned here are correct but incomplete:
> there is no general solution against dDoS, because "it depends". There
> are many types of dDoS. You will need several tools in your toolbox,
> and someone knowledgeable to choose among them.
I completely agree. However, some tools have a large toolbox built-in and reduce the need for other tools. Eg: dnsdist allows you to do general ratelimiting/blocking, but allows you to build your own rules as well.
Note that I can buy a great, expensive and high-quality garage toolbox, but that that doesn't mean I can repair my own car. The toolbox is what the knowledgeable expert needs to fix the problem...
Kind Regards and best of luck fending of the bad people...
DNS Consultant @ Kiwazo.be <http://kiwazo.be/>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dns-operations