Occasionally, I tend to check in on what reflective DNS denial of service attacks are doing. We usually see steady levels of attacks. Usually, they attempt to use spoofed requests for ANY records to achieve the highest possible amplification. Currently, I am seeing these two records used (among others):
DNS Reflection Update and Odd Corrupted DNS Requests, (Wed, Sep 25th)
This post was originally published on this site